ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] Dsmcad listening port

2015-12-18 10:49:25
Subject: Re: [ADSM-L] Dsmcad listening port
From: Henrik Ahlgren <pablo AT SEESTIETO DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Fri, 18 Dec 2015 17:47:43 +0200 
On Fri, Dec 18, 2015 at 12:40:46PM +0300, Efim wrote:

> CAD opens random port because the option WEBPORT has default value "0 0" and 
> CAD randomly assign a free TCPport (the first parameter for CAD, the second 
> for WEB client).
> I think it’s impossible to prevent this.
> As workaround you can set fixed port(s) and close it using firewall.
> Example: WEBPORT 55000 0 or WEBPORT 55000 55001

Am I the only one that finds this design totally unacceptable? If
you're not using the webclient functionality and are only using
schedmode polling, I don't see any reason why dsmcad (often running as
root, so the security implications are obvious) should listen to a
network port. Perhaps there is something I am not aware of?

One might think that setting tcpclientaddress to 127.0.0.1 (localhost)
would somewhat migitate this, but no - it does not have any effect if
you are not using schedmode prompted. Yes, of course it is always
possible to use host-based firewalls to close the ports, but it is a
workaround that really should not be necessary.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] Node replication information?, Robert Clark
Next by Date:  Re: [ADSM-L] Node replication information?, Henrik Ahlgren
Previous by Thread:  Re: [ADSM-L] Dsmcad listening port, Efim
Next by Thread:  Re: [ADSM-L] Dsmcad listening port, Mike De Gasperis
Indexes:  [Date] [Thread] [Top] [All Lists]