"Ryan S. Brown" <ryansb@xxxxxxxxxx> writes: > [...] In January, the Fedora rawhide package for mongo[2] was > changed to listen on all interfaces by default [...] To help > protect users, I think the default should be changed back to > localhost only. [...] We have a slew of network-servers in the fedora distribution. Apprx. none of them are supposed to be turned on just by virtue of rpm installation (so, require an explicit systemctl enable), and apprx. none of them get through the system-default firewalld setup. The out-of-the-box risk is therefore nil. If you'd like to pursue a distro-wide change for this interface-binding level of security, please consider pursuing it via a Fedora Change type process rather than piecemeal package-by-package. - FChE -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
