27.04.2022 19:38, ceddral wrote:
...
attention now being explicit in the config. Now that I'm aware
I do believe a unix socket would be the more sensible default.
This variant (the unix socket) weren't always available.
It was implemented in version 1.5.2, and I wasn't aware
of this until
27.04.2022 19:38, ceddral wrote:
..
Tested it, as far as i can tell it works for me with
chroot: "/var/lib/unbound"
and
control-interface: "/run/unbound-control.socket"
Thank you for confirming this. I too did the similar test locally,
you made me curious.
(and
> Can you tell please which version did you upgrade from?
> Please note that before, unbound in Debian had a patch
> to secretly enable remote-control socket which by default
> is tcp. In this release I just made it explicit instead of
> doing it secretly.
Right you are, the socket was open
Control: severity -1 wishlist
Control: tag -1 confirmed
27.04.2022 16:48, ceddral wrote:
Package: unbound
Version: 1.15.0-4
Severity: normal
X-Debbugs-Cc: debian...@ceddral.org
Dear Maintainer,
unbound package upgrade introduced a default config to enable remote-control
via tcp socket.
Can
Package: unbound
Version: 1.15.0-4
Severity: normal
X-Debbugs-Cc: debian...@ceddral.org
Dear Maintainer,
unbound package upgrade introduced a default config to enable remote-control
via tcp socket. Please change the default config to use a unix socket and avoid
the attack surface of a tcp socket
5 matches
Mail list logo