Return-Path: Delivered-To: apmail-felix-dev-archive@www.apache.org Received: (qmail 80516 invoked from network); 20 Nov 2008 15:59:16 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 20 Nov 2008 15:59:16 -0000 Received: (qmail 93250 invoked by uid 500); 20 Nov 2008 15:59:25 -0000 Delivered-To: apmail-felix-dev-archive@felix.apache.org Received: (qmail 93204 invoked by uid 500); 20 Nov 2008 15:59:24 -0000 Mailing-List: contact dev-help@felix.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@felix.apache.org Delivered-To: mailing list dev@felix.apache.org Received: (qmail 93193 invoked by uid 99); 20 Nov 2008 15:59:24 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 20 Nov 2008 07:59:24 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [85.25.64.245] (HELO www.soapwars.de) (85.25.64.245) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 20 Nov 2008 15:58:01 +0000 Received: from p57a371d1.dip.t-dialin.net ([87.163.113.209] helo=[192.168.2.107]) by www.soapwars.de with esmtpa (Exim 4.63) (envelope-from ) id 1L3BvV-0002Wl-QJ for dev@felix.apache.org; Thu, 20 Nov 2008 16:58:45 +0100 Message-ID: <49258924.4060408@soapwars.de> Date: Thu, 20 Nov 2008 16:58:28 +0100 From: Peter User-Agent: Thunderbird 2.0.0.18 (Windows/20081105) MIME-Version: 1.0 To: dev@felix.apache.org References: <1262044622.1227140384358.JavaMail.jira@brutus> <49251980.8020706@gmail.com> In-Reply-To: <49251980.8020706@gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-AVK-Virus-Check: AVK 19.1595;F1206 X-SA-Exim-Connect-IP: 87.163.113.209 X-SA-Exim-Mail-From: ptriller@soapwars.de X-Spam-Checker-Version: SpamAssassin 3.1.7-deb (2006-10-05) on www.soapwars.de X-Spam-Level: Subject: Re: [jira] Created: (FELIX-826) Enable the remote shell to bind to an IP and make 127.0.0.1 the default X-SA-Exim-Version: 4.2.1 (built Tue, 09 Jan 2007 17:23:22 +0000) X-SA-Exim-Scanned: Yes (on www.soapwars.de) X-Virus-Checked: Checked by ClamAV on apache.org X-Old-Spam-Status: No, score=0.8 required=5.0 tests=ALL_TRUSTED,AWL, DNS_FROM_SECURITYSAGE autolearn=no version=3.1.7-deb Hi all, In my personal opinion, although backward compatibility is important in this case I would do it for two main reasons: 1) In most cases this will be the desired behaviour. 2) In the cases where it is not, it still does not break the application, but only the administration of the application, so the impact of the change is not very big. Also the change is pretty easy to detect and if this is documented on the webpage very fast to correct. Regards Peter Felix Meschberger schrieb: > Hi all, > > Thanks Peter for providing this patch. I think the proposed patch is > perfectly valid and good idea to start with. > > My worries are with existing setups: in a backwards compatibility > scenario, I would bind to 0.0.0.0 by default instead of just localhost. > In a security-by-default scenario I would agree with Peter, that > remote.shell should bind to localhost only. > > Any opinions on what scenario -- compatible binding 0.0.0.0 or security > binding 127.0.0.1 -- going forward ? > > Regards and Thanks > Felix > > > > > Peter Triller (JIRA) schrieb: > >> Enable the remote shell to bind to an IP and make 127.0.0.1 the default >> ----------------------------------------------------------------------- >> >> Key: FELIX-826 >> URL: https://issues.apache.org/jira/browse/FELIX-826 >> Project: Felix >> Issue Type: New Feature >> Components: Remote Shell >> Affects Versions: shell.remote-1.0.2 >> Reporter: Peter Triller >> >> >> >> >>