Description of problem: Proxy server is being installed with a rules that allows only localhost as a source but does not limit destination addresses. Destination address can be limited by RHN_PARENT variable which have to be defined before installation. In current configuration user have to create own acl to allow connections from his network. When one is not careful enough it is fairly easy to create open proxy. Moreover spacewalk proxy should rather be used as dedicated rpm proxy, not ordinary www proxy. How reproducible: On every installation. Steps to Reproduce: 1. Install. 2. Find out that only localhost can connect proxy. 3. Create Your own acl for Your local subnet. 4. Be carefree and do not limit destinations or do not implement authorisation. Actual results: It is easy to make open proxy. Expected results: Add one or two simple rules will do the job. Additional info:
Spacewalk 2.8 (and older) has already reached it's End Of Life. Thank you for reporting this issue and we are sorry that we were not able to fix it before end of life. If you would still like to see this bug fixed and are able to reproduce it against current version of Spacewalk 2.9, you are encouraged change the 'version' and re-open it.