Re: MongoDB Security & Defaults

On 13.02.2015 at 17:25, Frank Ch. Eigler wrote:
> "Ryan S. Brown" <ryansb@xxxxxxxxxx> writes:
>
>> [...]  In January, the Fedora rawhide package for mongo[2] was
>> changed to listen on all interfaces by default [...]  To help
>> protect users, I think the default should be changed back to
>> localhost only. [...]
>
> We have a slew of network-servers in the fedora distribution.
> Apprx. none of them are supposed to be turned on just by virtue of rpm
> installation (so, require an explicit systemctl enable), and apprx.
> none of them get through the system-default firewalld setup.  The
> out-of-the-box risk is therefore nil

that is as wrong as it can be

* the workstation product doesn't block incoming high ports
  and hence i still call these defaults harmful and wrong

* it is not unlikely that a developer installs mongodb
  on his workstation - since the target audience are
  developers it is even highly likely

* mongodb is listening on a port above 1024

do i need to explain the result or is that enough that you as well as the workstation guys re-consider their mistakes?



-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
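
The disagreement in this message turns on two independent conditions: which address the daemon binds to, and whether the active firewall zone admits its port. The following check combines them; it is an added example, not part of the original thread or of any Fedora or MongoDB code, and the `key = value` config format, the `bind_ip` and `port` keys, the 27017 default and the zone rule strings are assumptions, with all sample inputs constructed.

```python
import ipaddress

DEFAULT_PORT = 27017  # mongod's default TCP port

def parse_conf(text):
    """Parse 'key = value' lines (assumed config format), dropping # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def is_loopback(addr):
    if addr == "localhost":
        return True
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # unknown hostname: assume it resolves to a routable address

def port_allowed(port, proto, rules):
    """True if a rule such as '27017/tcp' or '1025-65535/tcp' covers the port."""
    for rule in rules:
        span, _, rule_proto = rule.partition("/")
        low, _, high = span.partition("-")
        if rule_proto == proto and int(low) <= port <= int(high or low):
            return True
    return False

def remotely_reachable(conf_text, zone_ports):
    """Both conditions must hold: a non-loopback bind and an open firewall port."""
    conf = parse_conf(conf_text)
    port = int(conf.get("port", DEFAULT_PORT))
    # Assumption: with no bind_ip line the daemon listens on all interfaces.
    binds = [b.strip() for b in conf.get("bind_ip", "0.0.0.0").split(",") if b.strip()]
    return any(not is_loopback(b) for b in binds) and port_allowed(port, "tcp", zone_ports)

# Constructed sample inputs, not taken from any real system.
LOCALHOST_CONF = "# loopback only\nbind_ip = 127.0.0.1\nport = 27017\n"
ALL_IFACES_CONF = "bind_ip = 0.0.0.0\n"
HIGH_PORTS_OPEN = ["1025-65535/tcp", "1025-65535/udp"]  # zone that admits ports above 1024
HIGH_PORTS_CLOSED = ["22/tcp"]                           # zone that admits only ssh

if __name__ == "__main__":
    for name, conf in (("localhost", LOCALHOST_CONF), ("all interfaces", ALL_IFACES_CONF)):
        for zone in (HIGH_PORTS_OPEN, HIGH_PORTS_CLOSED):
            print(name, zone, "->", remotely_reachable(conf, zone))
```

Only the combination of an all-interfaces bind and a zone that admits high ports reports the service as reachable; changing either the bind address or the zone rules closes the exposure.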
