Red Hat Bugzilla – Bug 828403
[RFE] Restrict interfaces imagefactory and iwhd listen on
Last modified: 2013-07-04 18:37:58 EDT
Description of problem:
imagefactory and image warehouse daemon (iwhd) both listen on all network interfaces but seem to be only accessed from localhost. There seems to be no login / password restriction for imagefactory. Please restrict access for security / audit purposes.
Do imagefactory and iwhd have to run as root? Having a script (imagefactory) run as root is a security audit failure.
This should be scoped down to imgfac only.