Hi Charles, Well, most sysadmins that I know, including the sysadmin that is me :), prefer security in depth and don't want an either-or choice between application-level and system-level ACLs.
> Note also that newer versions of NUT are dropping ACLs in favor of > binding to interfaces (with a failsafe default of not binding to any > interfaces automatically). I believe the rationale was that by binding > to a specific interface, there is no chance for someone to exploit any > potential holes in the NUT ACL code. That's not a meaningful solution for users who want to allow remote access from certain addresses and only have one interface. -- [SRU] ACL covering all IPv4 addresses is broken in 2.2.1 https://bugs.launchpad.net/bugs/235653 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nut in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
