udp question
Brian Aker
brian at tangent.org
Mon Jun 2 12:55:20 UTC 2008
Hi!
On Jun 2, 2008, at 9:17 PM, Roy Lyseng wrote:
> For maximum security, they should probably both be disabled by
> default.
Debian does this already. Linux distributions typically install
Memcached as best befits their security needs.
> You should also consider a release taxonomy where these kinds of
> changes are not allowed unless there is a major (or minor) release
> number upgrade, and followed by a proper release note.
> For most memcached environments, this is probably not an issue, but
> there may be some combinations of firewall policies and port number
> changes that accidentally cause a security issue.
It was, that was one of the major changes for the 1.2.5 release :)
Cheers,
-Brian
>
>
> Thanks,
> Roy
>> Cheers,
>> -Brian
>> On Jun 2, 2008, at 11:59 AM, Dustin Sallings wrote:
>>> I believe so. Unless you specify a UNIX domain socket, you get
>>> a TCP port.
>>>
>> --
>> _______________________________________________________
>> Brian "Krow" Aker, brian at tangent.org
>> Seattle, Washington
>> http://krow.net/ <-- Me
>> http://tangent.org/ <-- Software
>> _______________________________________________________
>> You can't grep a dead tree.
--
_______________________________________________________
Brian "Krow" Aker, brian at tangent.org
Seattle, Washington
http://krow.net/ <-- Me
http://tangent.org/ <-- Software
_______________________________________________________
You can't grep a dead tree.
More information about the memcached
mailing list