If I understand correctly from the bug report, Azureus is using a local TCP port as a form of inter-process communication which allows all local users capable of connecting to the port to control each others' Azureus instances. Is this correct?
This is also an upstream bug, and probably a design flaw more than a security vulnerability. If it's not too much trouble, would you mind filing this bug upstream too?
Thanks for your bug report,
If I understand correctly from the bug report, Azureus is using a local TCP port as a form of inter-process communication which allows all local users capable of connecting to the port to control each others' Azureus instances. Is this correct?
This is also an upstream bug, and probably a design flaw more than a security vulnerability. If it's not too much trouble, would you mind filing this bug upstream too?