[systemd-devel] No security on systemd-journal-gatewayd
Cecil Westerhof
Cecil.Westerhof at Snow.nl
Thu Dec 12 01:49:01 PST 2013
On 12/12/2013 05:20 AM, Kay Sievers wrote:
> On Wed, Dec 11, 2013 at 11:53 PM, Reindl Harald <h.reindl at thelounge.net> wrote:
>> Am 11.12.2013 22:41, schrieb Cecil Westerhof:
>>> I tried out systemd-journal-gatewayd. But it looks like that everyone that can
>>> contact, can get log info. Is that true, or am I overlooking something?
>>
>> as far as i remeber from older posts about it the intention is that
>>
>> a) it is not on by default
>> b) if you turn it on you need to open the port in the firewall too
>> c) if you open the port you do this only for trusted sources
>
> The current implementation is more a proof-of-concept, not used or
> enabled by default. It has zero built-in security, it cannot be used
> or enabled in untrusted environments without externally provided
> protection.
OK, clear. Is there a timetable for a ‘full’ implementation?
More information about the systemd-devel
mailing list