listening on 0.0.0.0 (despite security note in README.Debian)
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| openerp-server (Ubuntu) |
Triaged
|
Medium
|
Unassigned | ||
Bug Description
Binary package hint: openerp-server
README.debian says:
* openerp-server in the upstreams configuration listens by default to *all*
interfaces. For security reasons, we do restrict it in the Debian packages
to listen only on localhost. If you need to change this, edit
/etc/
'interface = <your ip>'.
but sudo netstat -anpt returns:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8021 0.0.0.0:* LISTEN 2008/python
tcp 0 0 127.0.0.1:8069 0.0.0.0:* LISTEN 2008/python
tcp 0 0 0.0.0.0:8070 0.0.0.0:* LISTEN 2008/python
PID 2008 is: /usr/bin/python ./openerp-server.py --config=
| Changed in openerp-server (Ubuntu): | |
| status: | New → Triaged |
| importance: | Undecided → Medium |
| summary: |
- listening on 0.0.0.0 + listening on 0.0.0.0 (despite security note in README.Debian) |
| Julian Perelli (jperelli) wrote | #1 |
I opened the file
/usr/lib/
There you can see all the correct options used by the configuration (file or arguments)
The correct option seems to be 'xmlrpc_interface' instead of 'interface'. So the documentation has this error and should be fixed. It should say something like
* openerp-server in the upstreams configuration listens by default to *all*
interfaces. For security reasons, we do restrict it in the Debian packages
to listen only on localhost. If you need to change this, edit
/etc/
'xmlrpc_