apcupsd-3.10.5-1mdk.ppc.rpm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <link rel=stylesheet href="apcupsd-styles.css" type="text/css">
   <meta name="Author" content="Kern Sibbald">
   <title>Security Issues</title>
</head>

<body>

<h2>Apcupsd Security Issues</h2>
<ul>
<li><b>apcupsd</b> runs as root.</li>
<li>If you have <b>NETSERVER ON</b> in your <a href="configure.html#ConfigInfoServer">apcupsd.conf</a> file,
be aware that anyone on the network can read the status of your
UPS. This may or may not pose a problem. If you don't consider
this information privileged, as is the case for me, there is little risk. In addition,
if you have a firewall between your servers and the Internet,
hackers will not have access to your UPS information. You can also
restrict who can access your <b>apcupsd</b> server, either by
running it through the <a href="apcnisd.html#ApcnetdINETD">INETD</a> services with access control lists in
a TCP wrapper, or by configuring TCP wrappers in <b>apcupsd</b> itself (see below for TCP Wrapper
details).</li>
<li>If you are running master/slave networking with a single
UPS powering multiple machines, be aware that it is possible
for someone to simulate the master and send a shutdown request
to your slaves. The slaves do check that the network address
of the machine claiming to be the master is the same as the address
returned by DNS for the name of the master as specified
in your configuration file.</li>
</ul>
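<p>The address check that the slaves perform, sketched in Python as an added example; it is not apcupsd's own code, which is written in C. The function names, the host name <b>ups-master.example.net</b> and the addresses are constructed for illustration, and the result is only as trustworthy as the DNS answer and the peer address being compared.</p>

```python
import ipaddress
import socket


def normalize(addr):
    """Parse an address string; unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip


def system_resolver(name):
    """Return every address the local resolver gives for name."""
    infos = socket.getaddrinfo(name, None, proto=socket.IPPROTO_TCP)
    return [info[4][0] for info in infos]


def peer_is_master(peer_addr, master_name, resolver=system_resolver):
    """True only if peer_addr is one of the addresses master_name resolves to.

    Fails closed: a lookup error or an unparsable address rejects the peer.
    """
    try:
        peer = normalize(peer_addr)
        allowed = {normalize(a) for a in resolver(master_name)}
    except (OSError, ValueError):  # socket.gaierror is a subclass of OSError
        return False
    return peer in allowed


# Constructed sample data: a fake zone standing in for DNS, so this runs offline.
FAKE_ZONE = {"ups-master.example.net": ["192.0.2.10", "2001:db8::10"]}


def fake_resolver(name):
    """Hypothetical resolver over FAKE_ZONE; raises like getaddrinfo on a miss."""
    if name not in FAKE_ZONE:
        raise socket.gaierror("name not found")
    return FAKE_ZONE[name]


if __name__ == "__main__":
    # Constructed peers: the master, the same host seen through a dual-stack
    # socket, and an unrelated machine claiming to be the master.
    for peer in ("192.0.2.10", "::ffff:192.0.2.10", "192.0.2.99"):
        ok = peer_is_master(peer, "ups-master.example.net", fake_resolver)
        print(peer, "accepted" if ok else "rejected")
```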
<h2>TCP Wrappers</h2>
As of apcupsd version 3.8.2, TCP Wrappers are implemented if
you turn them on when configuring (<b>./configure --with-libwrap</b>).
With this code enabled, you may control who may access your
<b>apcupsd</b> via TCP connections (the Network Information Server,
and the Master/Slave code). This control is done by modifying the
file: <b>/etc/hosts.allow</b>. This code is implemented but untested.
If you use it, please send us some feedback.
</body>
</html>