[jira] [Created] (ZOOKEEPER-2221) Zookeeper JettyAdminServer server should start on configured IP.

Surendra Singh Lilhore (JIRA) Thu, 25 Jun 2015 07:08:35 -0700

Surendra Singh Lilhore created ZOOKEEPER-2221:
-------------------------------------------------


             Summary: Zookeeper JettyAdminServer server should start on 
configured IP.
                 Key: ZOOKEEPER-2221
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2221
             Project: ZooKeeper
          Issue Type: Bug
          Components: quorum
    Affects Versions: 3.5.0
            Reporter: Surendra Singh Lilhore
            Assignee: Surendra Singh Lilhore


Currently JettyAdminServer starting on "0.0.0.0" IP. "0.0.0.0" means "all IP 
addresses on the local machine". So, if your webserver machine has two ip 
addresses, 192.168.1.1(private) and 10.1.2.1(public), and you allow a webserver 
daemon like apache to listen on 0.0.0.0, it will be reachable at both of those 
IPs.

This is security issue. webserver should be accessible from only configured IP



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (ZOOKEEPER-2221) Zookeeper JettyAdminServer server should start on configured IP.

Reply via email to