Bug 828371 - Restrict Listening Interfaces for Postgres
Restrict Listening Interfaces for Postgres
Status: CLOSED UPSTREAM
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Installer (Show other bugs)
6.0.0
Unspecified Unspecified
unspecified Severity medium (vote)
: Unspecified
: --
Assigned To: Lukas Zapletal
Katello QA List
: FutureFeature, Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-04 13:26 EDT by james labocki
Modified: 2013-03-27 16:40 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-08-03 05:34:00 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description james labocki 2012-06-04 13:26:32 EDT
Description of problem:
Postgres listens on any network interface (5432/tcp), but is only used by localhost. Restricting it (especially since the username and password are well known) is important. Leaving it the way it is will fail any security audit.
Comment 1 Mike McCune 2012-06-13 11:28:08 EDT
I think this is solved with the katello-password command that is now in the latest release of Katello
Comment 2 Lukas Zapletal 2012-08-03 05:34:00 EDT
DONE UPSTREAM!

https://github.com/Katello/katello/pull/345

Note You need to log in before you can comment on or make changes to this bug.