Fix: relayd should listen for viewers on localhost only by default
authorMathieu Desnoyers <mathieu.desnoyers@efficios.com>
Fri, 28 Feb 2014 13:33:49 +0000 (08:33 -0500)
committerDavid Goulet <dgoulet@efficios.com>
Fri, 28 Feb 2014 15:21:45 +0000 (10:21 -0500)
commitfa91dc52d62347d1c1ce56e995525f2c57adfc13
tree388ea4926a9a8232a8fe4fd0f5ea7866eacea56e
parentaf6bce8078af432ec0bb59db4f33095c26845c4d
Fix: relayd should listen for viewers on localhost only by default

Having relayd listening by default on 0.0.0.0 (all interfaces) with a
protocol without authentication is an information leak waiting to
happen.

Users should explicitely specify if they want to listen on all
interfaces, using e.g. -L tcp://0.0.0.0:5344 (see lttng-relayd(8)
manpage for details). They should only do so if they use a firewall, or
are within a secured network.

Fixes #746

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: David Goulet <dgoulet@efficios.com>
doc/man/lttng-relayd.8
src/bin/lttng-relayd/main.c
src/bin/lttng-sessiond/jul-thread.c
src/common/defaults.h
This page took 0.027317 seconds and 4 git commands to generate.