Source: zookeeper
Severity: important
Tags: security

Hi.

I've noticed that in:
/etc/zookeeper/conf/environment
the following is set
JMXLOCALONLY=false
which in turn sets
com.sun.management.jmxremote.local.only=false

Is there any reason for this?
It's neither the default in Java (see e.g.
http://www.oracle.com/technetwork/java/javase/compatibility-417013.html)
nor does it sound particularly secure if any remote host can connect to JMX.

Cheers,
Chris.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8), LANGUAGE=en_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

_______________________________________________
Secure-testing-team mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
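
An added example, not part of the original report or of the zookeeper package: a shell check that reads the JMXLOCALONLY setting quoted above from an environment file without sourcing it, so it can be run across hosts to find the ones where JMX is not restricted to local connections. The function name jmx_local_only_status and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the zookeeper package): classify the JMXLOCALONLY
# setting in a ZooKeeper environment file.
# Prints: local-only, remote-allowed, unset, unreadable, or unknown:<value>.
# The file is parsed with sed, never sourced, so the audit cannot execute it.
jmx_local_only_status() {
    env_file=$1
    if [ ! -r "$env_file" ]; then
        echo "unreadable"
        return 0
    fi
    # Match real assignments only (commented-out lines do not match), accept
    # an optional "export", and keep the last one, as a sourcing shell would.
    raw=$(sed -n -E 's/^[[:space:]]*(export[[:space:]]+)?JMXLOCALONLY=//p' \
        "$env_file" | tail -n 1)
    # Drop a trailing comment, trailing whitespace and surrounding quotes,
    # then lowercase what is left.
    value=$(printf '%s\n' "$raw" |
        sed -e 's/[[:space:]][[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
            -e "s/^[\"']//" -e "s/[\"']\$//" |
        tr '[:upper:]' '[:lower:]')
    case "$value" in
        true)  echo "local-only" ;;
        false) echo "remote-allowed" ;;
        "")    echo "unset" ;;            # the start script's default applies
        *)     echo "unknown:$value" ;;   # e.g. a variable reference; review by hand
    esac
}

if [ "$#" -gt 0 ]; then
    # Audit the files named on the command line,
    # e.g. /etc/zookeeper/conf/environment
    for f in "$@"; do
        echo "$f: $(jmx_local_only_status "$f")"
    done
else
    # Constructed sample input: the commented-out line must be ignored.
    sample=$(mktemp)
    printf '%s\n' '# JMXLOCALONLY=true' 'NAME=zookeeper' \
        'JMXLOCALONLY=false' > "$sample"
    echo "sample: $(jmx_local_only_status "$sample")"
    rm -f "$sample"
fi
```

A result of remote-allowed or unset is the cue to check which address the JMX port is actually bound to on that host and whether a firewall restricts it.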

