[Nut-upsuser] Is UPSD necessary for average users?
Matus UHLAR - fantomas
uhlar at fantomas.sk
Mon Nov 4 07:50:09 UTC 2013
>> >> > I forgot to mention: by default, NUT listens on localhost. If
>> >> > you are using Linux, you could add a "-m owner --uid-owner" rule
>> >> > to iptables to only match the UID for the NUT system user.
>> >
>> > Thanks; if it listens on localhost by default, that is enough for
>> > me, though I recall that is not as secure as listening on 127.0.0.1.
>On Wed, 16 Oct 2013 08:19:11 +0100 Chris Boot <bootc at bootc.net> wrote:
>> 127.0.0.1 *is* localhost.
On 03.11.13 20:33, David N Melik wrote:
> For some programs, either 'localhost' can mean more than '127.0.0.1' to
> the extent it is suggested to change settings to '127.0.0.1',
where have you seen such suggestion?
> or that is also done because of what is easier to spoof... but I have
> even seen someone on IRC with a hostmask like 'username at 127.0.0.1'.
...someone has connected to the IRC server via localhost address, apparently
the server's admin. That does not mean localhost means anything more than
127.0.0.1.
Configuring localhost address to something other than 127.0.0.1 deserves
breaking many programs and I don't see issue why NUT should take care about
that.
>I would still like to know if running UPSD on a port is essential,
>rather than not having a port... crond and atd, for example, do not
>need ports, so why would UPSD?
Because upsd is the server clients talk to. Since they need to talk to it,
it has to listen on a socket. Implementing unix domain sockets could be a
workaround but it's not an issue that _needs_ to be solved.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
BSE = Mad Cow Desease ... BSA = Mad Software Producents Desease
More information about the Nut-upsuser
mailing list