On 10/25/22 5:34 PM, Peter Naulls wrote:
On 10/25/22 17:25, Reuben Dowle wrote:
The issue of HTTP listening on all interfaces also came up in my
audit, but the auditors were happy with the explanation that the
firewall prevented any access through the WAN interface. If the
people auditing your system are only interested in security
'theatre', then that is really a poor quality/incompetent audit process.
Well, I agree. For clarity, years ago I had been through reviews with
both
Microsoft and Intel, with some combination of Ubuntu/OpenWrt, so had some
expectation here. Those reviews turned up their share of nonsense, but
things
have changed I guess.
My hands are tied, we gotta do the dance.
I mean this as gently as possible, but I think what a lot of us are
missing is the benefit to the OpenWrt project to carry an increased
maintenance burden in response to your internal requirements, which you
openly state add no value. Maybe your time is better spent fixing your
organization's processes, rather than trying to make volunteers
responsive to what we all agree are pointless requirements? -Nathan
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
