Hi, thanks for bringing this up!
Am 29.09.18 um 23:38 schrieb Matt Marjanovic: > In particular, this means that the ERL_EPMD_ADDRESS parameter is ignored. > This is typically used to reduce the attack surface of epmd by telling it > to only listen on localhost. As installed, epmd will listen on all > interfaces. > > This is to some degree an issue for the erlang-base package, which provides > epmd > and its systemd units and *should* provide a config option to restrict epmd to > listening on localhost only. However, it is the ejabberd package that > provides > the /etc/default/ejabberd file. I will patch out the ERL_EPMD_ADDRESS part of /etc/default/ejabberd, the rest should be fine as it does not concern epmd but the Erlang VM that ejabberd is running in. I will also contact the Erlang maintainer. Best wishes, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `-
signature.asc
Description: OpenPGP digital signature
