On Wed, Apr 01, 2009 at 01:30:29PM +0300, Jari Aalto wrote: > Package: apt-cacher > Version: 1.6.8 > Severity: normal > > > The default installation of /etc/apt-cacher/apt-cacher.conf contains > line: > > allowed_hosts=* > > Which: > > # Localhost (127.0.0.1) is always allowed. Other addresses must be matched > # by allowed_hosts and not by denied_hosts to be permitted to use the > cache. > # Setting allowed_hosts to "*" means "allow all". > > Please consider security and allow only localhost or some 192.168.*.* > value in default installation.
I can see the benefit of changing this, but it will break lots of people's installations which makes me a bit reluctant. Mark -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
