Re: service accepting commands from the network by default

On Mon, Feb 23, 2015 at 09:16:48AM +0800, Christopher Meng wrote: > Elasticsearch was never safe: > > http://www.elasticsearch.org/community/security/ > https://bugzilla.redhat.com/show_bug.cgi?id=1124252 > > So it shouldn't go ahead in current status. Thanks to everyone for their comments. Elas

Re: service accepting commands from the network by default

Elasticsearch was never safe: http://www.elasticsearch.org/community/security/ https://bugzilla.redhat.com/show_bug.cgi?id=1124252 So it shouldn't go ahead in current status. -- Yours sincerely, Christopher Meng http://cicku.me -- devel mailing list devel@lists.fedoraproject.org https://admi

Re: service accepting commands from the network by default

On Sun, Feb 22, 2015 at 01:55:31PM -0700, Kevin Fenzi wrote: > On Sun, 22 Feb 2015 21:25:01 +0100 > Zbigniew Jędrzejewski-Szmek wrote: > > > So, my problem is whether the package should go through review in > > current state. My gut feeling is that it shouldn't, but I don't want > > to overstep m

Re: service accepting commands from the network by default

On Sun, 22 Feb 2015 21:25:01 +0100 Zbigniew Jędrzejewski-Szmek wrote: > So, my problem is whether the package should go through review in > current state. My gut feeling is that it shouldn't, but I don't want > to overstep my role as a reviewer. I'd personally agree. Can they not at least make i

Re: service accepting commands from the network by default

On Sun, Feb 22, 2015 at 01:08:34PM -0700, Kevin Fenzi wrote: > On Sun, 22 Feb 2015 15:04:18 +0100 > Zbigniew Jędrzejewski-Szmek wrote: > > > Are Fedora packages allowed to have a default configuration in which > > the service accepts commands from the network in the default > > configuration? >

Re: service accepting commands from the network by default

On Sun, Feb 22, 2015 at 07:51:06PM +0100, Reindl Harald wrote: > and then comes the default firewall on F21 workstation with all > ports > 1024 open because things "have to work out of the box" Yes, this is the reason why I'm asking. If there was a restrictive firewall by default, this would not be

Re: service accepting commands from the network by default

On Sun, 22 Feb 2015 15:04:18 +0100 Zbigniew Jędrzejewski-Szmek wrote: > Are Fedora packages allowed to have a default configuration in which > the service accepts commands from the network in the default > configuration? Commands from the network what sort of commands? Perhaps you had an exampl

Re: service accepting commands from the network by default

Am 22.02.2015 um 19:46 schrieb M. Edward (Ed) Borasky: Yes, I would think: a) all services should be disabled and their ports closed by default, and b) the documentation should describe how to enable the service and open the ports and then comes the default firewall on F21 workstation with a

Re: service accepting commands from the network by default

Yes, I would think: a) all services should be disabled and their ports closed by default, and b) the documentation should describe how to enable the service and open the ports On Sun, Feb 22, 2015 at 6:04 AM, Zbigniew Jędrzejewski-Szmek wrote: > Are Fedora packages allowed to have a default conf

service accepting commands from the network by default

Are Fedora packages allowed to have a default configuration in which the service accepts commands from the network in the default configuration? The daemon is not enabled by default, so the administrator has to do a systemctl enable/start first. This means that just installing the package does no