[Pkg-erlang-devel] Bug#585122: (no subject)
Roland Hieber
rohieb at rohieb.name
Thu Apr 25 15:04:08 UTC 2013
Is there any progress on this?
I can only support the -loopback option. How many users do need to run
distributed applications after all? And if they need to, they probably
know how to configure epmd properly. On the other hand, every single
user who chooses to install an Erlang application that does not
neccessarily need distributed access (like ejabberd, and even gwibber
through CouchDB) opens a security hole on their system WITHOUT EVEN
KNOWING (where is the /usr/share/doc/erlang-base/README entry for that?)
>From a security standpoint, the strategy to bind to 0.0.0.0 by default
is absolute nonsense and potentially hurts more users than it eases
configuration. This is not the good old Debian way to do.
- Roland
More information about the Pkg-erlang-devel
mailing list