Hi Charles, Well, most sysadmins that I know, including the sysadmin that is me :), prefer security in depth and don't want an either-or choice between application-level and system-level ACLs.
> Note also that newer versions of NUT are dropping ACLs in favor of > binding to interfaces (with a failsafe default of not binding to any > interfaces automatically). I believe the rationale was that by binding > to a specific interface, there is no chance for someone to exploit any > potential holes in the NUT ACL code. That's not a meaningful solution for users who want to allow remote access from certain addresses and only have one interface. -- [SRU] ACL covering all IPv4 addresses is broken in 2.2.1 https://bugs.launchpad.net/bugs/235653 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
