listening on 0.0.0.0 (despite security note in README.Debian)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openerp-server (Ubuntu) |
Triaged
|
Medium
|
Unassigned |
Bug Description
Binary package hint: openerp-server
README.debian says:
* openerp-server in the upstreams configuration listens by default to *all*
interfaces. For security reasons, we do restrict it in the Debian packages
to listen only on localhost. If you need to change this, edit
/etc/
'interface = <your ip>'.
but sudo netstat -anpt returns:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8021 0.0.0.0:* LISTEN 2008/python
tcp 0 0 127.0.0.1:8069 0.0.0.0:* LISTEN 2008/python
tcp 0 0 0.0.0.0:8070 0.0.0.0:* LISTEN 2008/python
PID 2008 is: /usr/bin/python ./openerp-server.py --config=
Changed in openerp-server (Ubuntu): | |
status: | New → Triaged |
importance: | Undecided → Medium |
summary: |
- listening on 0.0.0.0 + listening on 0.0.0.0 (despite security note in README.Debian) |
I opened the file
/usr/lib/ pymodules/ python2. 7/openerp/ tools/config. py
There you can see all the correct options used by the configuration (file or arguments)
The correct option seems to be 'xmlrpc_interface' instead of 'interface'. So the documentation has this error and should be fixed. It should say something like
* openerp-server in the upstreams configuration listens by default to *all* openerp- server. conf and replace 'xmlrpc_interface = localhost' with interface = <your ip>'.
interfaces. For security reasons, we do restrict it in the Debian packages
to listen only on localhost. If you need to change this, edit
/etc/
'xmlrpc_