It appears that when using sysclone provisioning method the rsyncd deamon
started by systemimager on teh xcat server is allowing any user with no
password to connect and download any xcat sysclone image.
If the provisioning network is shared with the same network that users use
to connect to nodes that means that any user can download an xcat syclone
image. That is a potential big security hole. Was sysclone intended to be
use only on secure provisioning network (not mentioned in sysclone manual)
? Would anyone recommend a way to restrict systemimager to not allow
passwordless access from any user on the provisioning network?
--
Wojciech
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
