brian at tangent.org
Mon Jun 2 12:55:20 UTC 2008
On Jun 2, 2008, at 9:17 PM, Roy Lyseng wrote:
> For maximum security, they should probably both be disabled by
Debian does this already. Linux distributions typically install
Memcached as best befits their security needs.
> You should also consider a release taxonomy where these kinds of
> changes are not allowed unless there is a major (or minor) release
> number upgrade, and followed by a proper release note.
> For most memcached environments, this is probably not an issue, but
> there may be some combinations of firewall policies and port number
> changes that accidentally cause a security issue.
It was, that was one of the major changes for the 1.2.5 release :)
>> On Jun 2, 2008, at 11:59 AM, Dustin Sallings wrote:
>>> I believe so. Unless you specify a UNIX domain socket, you get
>>> a TCP port.
>> Brian "Krow" Aker, brian at tangent.org
>> Seattle, Washington
>> http://krow.net/ <-- Me
>> http://tangent.org/ <-- Software
>> You can't grep a dead tree.
Brian "Krow" Aker, brian at tangent.org
http://krow.net/ <-- Me
http://tangent.org/ <-- Software
You can't grep a dead tree.
More information about the memcached