Hi all, I'm packaging an in-memory message queuing service [0] that ships tests, which require listening on a non-privileged port for the 1-2 seconds that the tests last.
The service supports no authorisation/authentication and, as of now, has no way of limiting the size of inserted messages. Would it be acceptable if I were to patch the tests to accept connections only from the localhost? (implies a potential risk of a local user attack) >From a robustness perspective, I could patch the tests to try several different port numbers if the default (11400) is not available. Cheers, Serafeim [0] beanstalkd, ITP #557128 -- debtags-organised WNPP bugs: http://members.hellug.gr/serzan/wnpp -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
