You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@servicecomb.apache.org by "yangwenjun (JIRA)" <ji...@apache.org> on 2019/01/29 09:05:00 UTC
[jira] [Created] (SCB-1140) 容器场景,默认配置服务监听地址0.0.0.0会有安全问题
yangwenjun created SCB-1140:
-------------------------------
Summary: 容器场景,默认配置服务监听地址0.0.0.0会有安全问题
Key: SCB-1140
URL: https://issues.apache.org/jira/browse/SCB-1140
Project: Apache ServiceComb
Issue Type: Improvement
Components: Java-Chassis
Affects Versions: java-chassis-1.1.0, java-chassis-1.0.0, java-chassis-1.0.0-m2, java-chassis-1.0.0-m1
Reporter: yangwenjun
目前,服务监听地址配置为0.0.0.0时,会监听0.0.0.0,而会默认随机选择一个网卡作为发布地址。
容器场景,业务开发无法得知实际的容器ip,通常会把监听地址配置为0.0.0.0。
与敏之和安全se确认,安全要求容器内也不可监听0.0.0.0的ip。
因此,当服务监听地址配置为0.0.0.0时,建议按服务发布地址的处理方式,随机选择一个网卡作为监听地址。
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)