Package: bacula Version: 1.38.9-3 Severity: normal Hi,
any chance the bacula daemons (all of them) could listen to the local loopback interface (i.e. 127.0.0.1) _only_ per default? Currently they listen to _any_ (all) interfaces, which exposes them to the Internet usually. Security-wise it would be better to not do that, except when you really need to. I'm aware that Bacula is a _networked_ backup solution, but it can be used locally, too. Also, many people (like me) will probably first install it to play around with it, read the docs etc. etc. before really deploying it for productive use. It would be nice if those people were not exposed to increased, unnecessary risks per default. If you use it in a network, you should be able to configure to which interface(s) it listenes to, of course. Uwe. -- Uwe Hermann http://www.hermann-uwe.de http://www.it-services-uh.de | http://www.crazy-hacks.org http://www.holsham-traders.de | http://www.unmaintained-free-software.org
signature.asc
Description: Digital signature
