Bug 828403 - [RFE] Restrict interfaces imagefactory and iwhd listen on
[RFE] Restrict interfaces imagefactory and iwhd listen on
Status: NEW
Product: CloudForms Cloud Engine
Classification: Red Hat
Component: imagefactory (Show other bugs)
1.0.0
Unspecified Unspecified
medium Severity high
: rc
: ---
Assigned To: Ian McLeod
Rehana
: FutureFeature, Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-04 13:39 EDT by james labocki
Modified: 2013-07-04 18:37 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description james labocki 2012-06-04 13:39:21 EDT
Description of problem:

imagefactory and image warehouse daemon (iwhd) both listen on all network interfaces but seem to be only accessed from localhost. There seems to be no login / password restriction for imagefactory. Please restrict access for security / audit purposes.

Do imagefactory and iwhd have to run as root? Having a script (imagefactory) run as root is a security audit failure.
Comment 2 Mike Orazi 2013-01-29 10:59:21 EST
This should be scoped down to imgfac only.

Note You need to log in before you can comment on or make changes to this bug.