[Bug 981] pmlc security

To:	pcp@xxxxxxxxxxx
Subject:	[Bug 981] pmlc security
From:	bugzilla-daemon@xxxxxxxxxxx
Date:	Fri, 12 Jul 2013 22:32:31 +0000
Auto-submitted:	auto-generated
Delivered-to:	pcp@xxxxxxxxxxx
In-reply-to:	<bug-981-835@xxxxxxxxxxxxxxxx/bugzilla/>
References:	<bug-981-835@xxxxxxxxxxxxxxxx/bugzilla/>

Comment # 2 on bug 981 from Frank Ch. Eigler

> We I (for one) use pmlc on one machine to interrogate (and sometimes
> control) pmlogger on another machine.

OK.  (Have you considered perhaps going through pmcd to talk to a pmlogger?
That way we get networking & security.)

> There is already an access control clause available in the pmlogger
> configuration files, and I think Nathan's recent work on making a better
> fist of creating default pmlogger configuration files included turning off
> remote pmlc access to change the pmlogger config (stops my 2. above, but
> allows 1.).

For what it's worth, even unauthenticated localhost access does not fare
much better from a security point-of-view.

> It does not help Frank's concerns much, but pmlogger is no more of a DOS
> attack vector than pmcd is!

Except that the data stored by pmlogger can be manipulated by unauthorized
pmlc usage (whereas pmcd is on the whole read-only), so that makes the
pmlogger archives unreliable as a record of what happened.

You are receiving this mail because:

You are on the CC list for the bug.

<Prev in Thread]	Current Thread	[Next in Thread>
[Bug 981] New: pmlc security, bugzilla-daemon [Bug 981] pmlc security, bugzilla-daemon [Bug 981] pmlc security, bugzilla-daemon <= Re: [pcp] [Bug 981] pmlc security, Ken McDonell

Previous by Date:	Re: [pcp] Prepare to be assimilated^Wanalysed; resistance is futile, Ken McDonell
Next by Date:	Re: [pcp] [Bug 981] pmlc security, Ken McDonell
Previous by Thread:	[Bug 981] pmlc security, bugzilla-daemon
Next by Thread:	Re: [pcp] [Bug 981] pmlc security, Ken McDonell
Indexes:	[Date] [Thread] [Top] [All Lists]