[Tickets #7317] Shell feature should be disabled by default
bugs at horde.org
bugs at horde.org
Wed Sep 10 09:21:44 UTC 2008
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/7317
------------------------------------------------------------------------------
Ticket | 7317
Created By | dev at nigelj.com
Summary | Shell feature should be disabled by default
Queue | Horde Base
Version | 3.2.1
Type | Bug
State | Unconfirmed
Priority | 3. High
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
dev at nigelj.com (2008-09-10 05:21) wrote:
In interests of security it should be considered that the ability to
access the horde shell should be disabled by default, while Fedora
ships Horde as only accessible to 127.0.0.1 by default, the potential
is still around that someone will open it all up, and any Tom, Dick or
Harry could run just about whatever they wanted.
For reference the downstream bug for EPEL/Fedora is:
https://bugzilla.redhat.com/show_bug.cgi?id=461365 which has in my
opinion far more concise reasoning for this request.
More information about the bugs
mailing list