I would suggest that it not accept external connections by default, and that it would scroll an obvious warning/error in the terminal where the start script is run saying something like "****Attempt made to connect to server from another computer, IP=xxx.xxx.xxx.yyy. By default this attempt is rejected, however to enable remote viewing of this TG web app uncomment the line X from your dev.cfg file.****
It is a wrong behavior to start serving pages by default. I know apache does it depending on how it is installed, but generally security should be on by default. Let's just hope there aren't ever any remote exploits in a default install of TG, and this will be mostly a non-issue. (I'm pessimistic) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears -~----------~----~----~----~------~----~------~--~---
