ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] Dsmcad listening port

2015-12-18 11:02:40
Subject: Re: [ADSM-L] Dsmcad listening port
From: Mike De Gasperis <mike.degasperis AT WOWWAY DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Fri, 18 Dec 2015 11:00:46 -0500 
You don't need to run the dsmcad technically speaking. You can just run a dsmc 
sched daemon or service. 

> On Dec 18, 2015, at 10:47 AM, Henrik Ahlgren <pablo AT SEESTIETO DOT COM> 
> wrote:
> 
>> On Fri, Dec 18, 2015 at 12:40:46PM +0300, Efim wrote:
>> 
>> CAD opens random port because the option WEBPORT has default value "0 0" and 
>> CAD randomly assign a free TCPport (the first parameter for CAD, the second 
>> for WEB client).
>> I think it’s impossible to prevent this.
>> As workaround you can set fixed port(s) and close it using firewall.
>> Example: WEBPORT 55000 0 or WEBPORT 55000 55001
> 
> Am I the only one that finds this design totally unacceptable? If
> you're not using the webclient functionality and are only using
> schedmode polling, I don't see any reason why dsmcad (often running as
> root, so the security implications are obvious) should listen to a
> network port. Perhaps there is something I am not aware of?
> 
> One might think that setting tcpclientaddress to 127.0.0.1 (localhost)
> would somewhat migitate this, but no - it does not have any effect if
> you are not using schedmode prompted. Yes, of course it is always
> possible to use host-based firewalls to close the ports, but it is a
> workaround that really should not be necessary.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] Node replication information?, Henrik Ahlgren
Next by Date:  Re: [ADSM-L] Dsmcad listening port, Henrik Ahlgren
Previous by Thread:  Re: [ADSM-L] Dsmcad listening port, Henrik Ahlgren
Next by Thread:  Re: [ADSM-L] Dsmcad listening port, Henrik Ahlgren
Indexes:  [Date] [Thread] [Top] [All Lists]