[Bug 235653] Re: [SRU] ACL covering all IPv4 addresses is broken in 2.2.1

Steve Langasek steve.langasek at canonical.com
Wed Aug 27 01:11:48 BST 2008


Hi Charles,

Well, most sysadmins that I know, including the sysadmin that is me :),
prefer security in depth and don't want an either-or choice between
application-level and system-level ACLs.

> Note also that newer versions of NUT are dropping ACLs in favor of
> binding to interfaces (with a failsafe default of not binding to any
> interfaces automatically). I believe the rationale was that by binding
> to a specific interface, there is no chance for someone to exploit any
> potential holes in the NUT ACL code.

That's not a meaningful solution for users who want to allow remote access
from certain addresses and only have one interface.

-- 
[SRU] ACL covering all IPv4 addresses is broken in 2.2.1
https://bugs.launchpad.net/bugs/235653
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nut in ubuntu.



More information about the Ubuntu-server-bugs mailing list