[ZOOKEEPER-2221] Zookeeper JettyAdminServer server should start on configured IP. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 3.5.0
Fix Version/s: 3.5.1, 3.6.0
Component/s: server
Labels:
None

Description

Currently JettyAdminServer starting on "0.0.0.0" IP. "0.0.0.0" means "all IP addresses on the local machine". So, if your webserver machine has two ip addresses, 192.168.1.1(private) and 10.1.2.1(public), and you allow a webserver daemon like apache to listen on 0.0.0.0, it will be reachable at both of those IPs.

This is security issue. webserver should be accessible from only configured IP

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

ZOOKEEPER-2221.patch
30/Jun/15 06:23
5 kB
Surendra Singh Lilhore
ZOOKEEPER-2221.patch
30/Jun/15 05:36
5 kB
Surendra Singh Lilhore
ZOOKEEPER-2221.patch
29/Jun/15 06:46
4 kB
Surendra Singh Lilhore
ZOOKEEPER-2221_1.patch
27/Jun/15 20:59
4 kB
Surendra Singh Lilhore
ZOOKEEPER-2221.patch
25/Jun/15 14:19
1 kB
Surendra Singh Lilhore

Activity

People

Assignee:: Surendra Singh Lilhore

Reporter:: Surendra Singh Lilhore

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 25/Jun/15 14:07

Updated:: 28/Jul/15 06:48

Resolved:: 30/Jun/15 18:51