pcp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Bug 941] New: security: pmproxy needs outbound acl

from [bugzilla-daemon] [Permanent Link][Original]
To: pcp@xxxxxxxxxxx
Subject: [Bug 941] New: security: pmproxy needs outbound acl
From: bugzilla-daemon@xxxxxxxxxxx
Date: Fri, 29 Mar 2013 17:10:28 +0000
Auto-submitted: auto-generated
Delivered-to: pcp@xxxxxxxxxxx
Bug ID 941
Summary security: pmproxy needs outbound acl
Product pcp
Version unspecified
Hardware All
OS Linux
Status NEW
Severity normal
Priority P5
Component pcp
Assignee mort@sgi.com
Reporter fche@redhat.com
CC pcp@oss.sgi.com
Classification Unclassified 

With pmproxy (and pmwebd in the future), there is a risk of letting the proxy
server be used as a scanning tool for an internal network, by e.g. having
someone request arbitrary hosts & port-numbers for putative-pcp connections. 
Until we have a proper client-authentication scheme (and probably even after),
pmproxy & pmwebd should have a facility to restrict the permitted outbound
connections.  This could use an ACL file kind of like pmcd, though it needs to
be more picky w.r.t. port numbers.

You are receiving this mail because:
  • You are on the CC list for the bug.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Bug 941] New: security: pmproxy needs outbound acl, bugzilla-daemon <=
Previous by Date:  Re: [pcp] qa/713 certificate issue, Ken McDonell
Next by Date:  libpcp bug fix: multiple connections to same host but different ports, Frank Ch. Eigler
Previous by Thread:  qa/713 certificate issue, Ken McDonell
Next by Thread:  libpcp bug fix: multiple connections to same host but different ports, Frank Ch. Eigler
Indexes:  [Date] [Thread] [Top] [All Lists]