Bug#587460: snmpd should not bind to localhost by default
Hi Marco, Are there any news? On Jun 28, Marco d'Itri wrote: Package: snmpd On Jun 28, Jochen Friedrich wrote: What is the point? Who installs snmpd to only use it locally? snmpd might be installed by a dependency, e.g. by quagga. I don't think so. quagga only suggests snmpd, so it cannot be installed by mistake. The list of packages Recommending or Depending on snmpd is very short and they look reasonable. How did you come to conclude that more people install snmpd by mistake than because they actually want to use it? Daemons should be installed with the configuration which would be useful for the largest number of users. -- ciao, Marco I aggree that the bind to 127.0.0.1 can finally disappear in /etc/default/net-snmp as this bind is now done in the sample snmpd.conf shipped by upstream. However, I still believe that there shouldn't be any unconfigured snmpd deamons reachable from outside. You need to specify at least a basic set of ACLs or even better some user name and sign / encryption password for access of SNMP MIBs. Thanks, Jochen -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#587460: snmpd should not bind to localhost by default
Are there any news? On Jun 28, Marco d'Itri wrote: > Package: snmpd > > On Jun 28, Jochen Friedrich wrote: > > >> What is the point? Who installs snmpd to only use it locally? > > snmpd might be installed by a dependency, e.g. by quagga. > I don't think so. quagga only suggests snmpd, so it cannot be installed > by mistake. The list of packages Recommending or Depending on snmpd is > very short and they look reasonable. > How did you come to conclude that more people install snmpd by mistake > than because they actually want to use it? > Daemons should be installed with the configuration which would be useful > for the largest number of users. > > -- > ciao, > Marco > > > -- ciao, Marco signature.asc Description: Digital signature
Bug#587460: snmpd should not bind to localhost by default
Package: snmpd On Jun 28, Jochen Friedrich wrote: >> What is the point? Who installs snmpd to only use it locally? > snmpd might be installed by a dependency, e.g. by quagga. I don't think so. quagga only suggests snmpd, so it cannot be installed by mistake. The list of packages Recommending or Depending on snmpd is very short and they look reasonable. How did you come to conclude that more people install snmpd by mistake than because they actually want to use it? Daemons should be installed with the configuration which would be useful for the largest number of users. -- ciao, Marco -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org