[ https://issues.apache.org/jira/browse/ZOOKEEPER-2221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14608854#comment-14608854 ]
Raul Gutierrez Segales commented on ZOOKEEPER-2221: --------------------------------------------------- ignoring the failure: {code} [exec] [exec] /home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-Build/trunk/src/c/tests/TestReconfig.cc:474: Assertion: assertion failed [Expression: found != string::npos, 10.10.10.4:2004 not in newComing list] [exec] [exec] Failures !!! {code} > Zookeeper JettyAdminServer server should start on configured IP. > ---------------------------------------------------------------- > > Key: ZOOKEEPER-2221 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2221 > Project: ZooKeeper > Issue Type: Bug > Components: quorum > Affects Versions: 3.5.0 > Reporter: Surendra Singh Lilhore > Assignee: Surendra Singh Lilhore > Attachments: ZOOKEEPER-2221.patch, ZOOKEEPER-2221.patch, > ZOOKEEPER-2221.patch, ZOOKEEPER-2221.patch, ZOOKEEPER-2221_1.patch > > > Currently JettyAdminServer starting on "0.0.0.0" IP. "0.0.0.0" means "all IP > addresses on the local machine". So, if your webserver machine has two ip > addresses, 192.168.1.1(private) and 10.1.2.1(public), and you allow a > webserver daemon like apache to listen on 0.0.0.0, it will be reachable at > both of those IPs. > This is security issue. webserver should be accessible from only configured IP -- This message was sent by Atlassian JIRA (v6.3.4#6332)