Posted to dev@zookeeper.apache.org by "Surendra Singh Lilhore (JIRA)" <ji...@apache.org> on 2015/06/25 16:08:04 UTC

[jira] [Created] (ZOOKEEPER-2221) Zookeeper JettyAdminServer server should start on configured IP.

Surendra Singh Lilhore created ZOOKEEPER-2221:
-------------------------------------------------

             Summary: Zookeeper JettyAdminServer server should start on configured IP.
                 Key: ZOOKEEPER-2221
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2221
             Project: ZooKeeper
          Issue Type: Bug
          Components: quorum
    Affects Versions: 3.5.0
            Reporter: Surendra Singh Lilhore
            Assignee: Surendra Singh Lilhore


Currently JettyAdminServer is starting on the "0.0.0.0" IP. "0.0.0.0" means "all IP addresses on the local machine". So, if your webserver machine has two IP addresses, 192.168.1.1 (private) and 10.1.2.1 (public), and you allow a webserver daemon like Apache to listen on 0.0.0.0, it will be reachable at both of those IPs.

This is a security issue. The webserver should be accessible from only the configured IP.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
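
A check for the condition this report describes, as an added example that is not part of the original message or of ZooKeeper's code: it parses `ss -ltn` output and flags listeners on watched ports that are bound to a wildcard address or to an address other than the configured one. The sample output, the port numbers (including 8080 for the admin listener) and the function names are constructed for this example.

```python
import ipaddress

# Constructed sample of `ss -ltn` output (not captured from a real host).
# Port 8080 for the admin listener is an assumption made for this example.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      50           0.0.0.0:8080       0.0.0.0:*
LISTEN 0      50       192.168.1.1:2181       0.0.0.0:*
LISTEN 0      50              [::]:9090          [::]:*
LISTEN 0      128    127.0.0.53%lo:53         0.0.0.0:*
LISTEN 0      50                 *:7000             *:*
"""

def parse_listeners(ss_output):
    """Return (host, port) for every LISTEN row of `ss -ltn` output."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header line or malformed row
        host, _, port = fields[3].rpartition(":")
        host = host.strip("[]").split("%", 1)[0]  # drop IPv6 brackets, %scope
        listeners.append((host, int(port)))
    return listeners

def is_wildcard(host):
    """True if the address means 'every local interface'."""
    if host == "*":
        return True
    try:
        return ipaddress.ip_address(host).is_unspecified  # 0.0.0.0 or ::
    except ValueError:
        return False

def audit(ss_output, expected):
    """Compare listeners with expected {port: ip}; return a list of findings."""
    findings = []
    for host, port in parse_listeners(ss_output):
        if port not in expected:
            continue  # only audit the ports we were asked about
        if is_wildcard(host):
            findings.append((port, host, "wildcard bind"))
        elif ipaddress.ip_address(host) != ipaddress.ip_address(expected[port]):
            findings.append((port, host, "unexpected address"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_SS, {8080: "192.168.1.1", 2181: "192.168.1.1"}):
        print(finding)
```

On a live host, pass the real output of `ss -ltn` and the address each service is configured to use instead of `SAMPLE_SS`.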