[Nut-upsdev] [nut-Feature Requests][310492] Allow to specify hostnames in ACL (upsd.conf)
Arjen de Korte
nut+devel at de-korte.org
Sat Jan 19 21:20:56 UTC 2008
>> Indeed. So I propose to grant unrestricted RO access on all interfaces
we're listening at. This means that only users with RW access need to
be
>> configured. Any objections?
> Well, I don't think exposing information by default on a network is ever
a good idea. Even if that information seems innocent at first, at least
the fact that everyone can interact more with the server could make
small security bugs become critical.
The requirement that a user first sends a 'LOGIN username' to the server,
before allowing 'VAR variable' doesn't make a lot of difference in the
code being used. We've already spent the bulk of the effort by allowing
someone to send (and parse) the LOGIN command to the server, the required
effort to process VAR isn't much different. So in terms of preventing a
DOS attack on the server, there is not much to gain here.
The principle 'flaw' in NUT server access control is that restricting
access should be done *before* a connection is made, ie at the time a
client initiates a connection (sends the SYN packet). The only way to
reject/drop a connection at that time is through (kernel level) packet
filtering. Therefor, the better way would be to both restrict the
interfaces we're listening on (instead of the default global IPv4
listening address now) and use kernel packet filtering to restrict access.
Best regards, Arjen
More information about the Nut-upsdev
mailing list