MongoDB Security & Defaults

Ryan S. Brown ryansb at redhat.com
Fri Feb 13 22:37:13 UTC 2015


On 02/13/2015 11:25 AM, Frank Ch. Eigler wrote:
> "Ryan S. Brown" <ryansb at redhat.com> writes:
> 
>> [...]  In January, the Fedora rawhide package for mongo[2] was
>> changed to listen on all interfaces by default [...]  To help
>> protect users, I think the default should be changed back to
>> localhost only. [...]
> 
> We have a slew of network-servers in the fedora distribution.
> Apprx. none of them are supposed to be turned on just by virtue of rpm
> installation (so, require an explicit systemctl enable), and apprx.
> none of them get through the system-default firewalld setup.  The
> out-of-the-box risk is therefore nil.

As far as the firewall setup: if they wouldn't get through the firewall,
then there's already extra configuration for operators that want to make
it available to everyone. Why not also have it listen by default on
localhost as an additional safety measure? Especially since *that's how
it is in all current releases*. There's no benefit to moving away from
the (sane) default of localhost-only.

> If you'd like to pursue a distro-wide change for this
> interface-binding level of security, please consider pursuing it via a
> Fedora Change type process rather than piecemeal package-by-package.

I didn't consider this as a distro-wide change; I'll look at the
existing policies and see if there are any that cover this.

-- 
Ryan Brown / Software Engineer, Openstack / Red Hat, Inc.
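As an added example that is not part of the original message, the Fedora package, or MongoDB's own code, the following Python script shows what the two defaults under discussion look like in a legacy `key = value` mongod.conf and audits a host's `ss -ltn` listing for the same exposure. It assumes the pre-3.6 upstream behaviour that an absent `bind_ip` makes mongod listen on all interfaces; the sample configs and the `ss` output are constructed, and the function names are this example's own.

```python
"""Audit mongod bind-address exposure: localhost-only vs all interfaces.

Added example, not code from the Fedora package or from MongoDB.
Assumptions: the legacy ``key = value`` mongod.conf format, and the
pre-3.6 upstream default that an absent ``bind_ip`` means mongod
listens on every interface.  All sample data below is constructed.
"""
import ipaddress
import re

MONGOD_PORT = 27017

# Constructed sample: a packaged default that only listens on localhost.
LOCALHOST_CONF = """\
# mongod.conf (constructed sample)
bind_ip = 127.0.0.1
port = 27017
"""

# Constructed sample: bind_ip commented out, so a pre-3.6 mongod
# falls back to listening on all interfaces.
UNRESTRICTED_CONF = """\
# mongod.conf (constructed sample)
#bind_ip = 127.0.0.1
port = 27017
"""

# Constructed sample of `ss -ltn` output on a host where mongod was
# bound to 127.0.0.1 for IPv4 but to the unspecified address for IPv6.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    127.0.0.1:27017     *:*
LISTEN 0      128    0.0.0.0:22          *:*
LISTEN 0      128    [::]:27017          [::]:*
"""


def parse_mongod_conf(text):
    """Parse legacy key = value lines; '#' starts a comment; later keys win."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or "=" not in line:
            continue
        key, _, value = line.partition("=")
        conf[key.strip()] = value.strip()
    return conf


def bind_exposure(conf):
    """Classify a parsed config as 'localhost', 'all', or 'addresses'.

    'all' means at least one unspecified address (0.0.0.0 / ::) or no
    bind_ip at all (pre-3.6 default); 'addresses' means specific
    non-loopback addresses or hostnames, which are exposed but scoped.
    """
    raw = conf.get("bind_ip")
    if raw is None:
        return "all"  # assumption: pre-3.6 mongod default
    exposure = "localhost"
    for addr in (a.strip() for a in raw.split(",") if a.strip()):
        if addr == "localhost":
            continue
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            return "addresses"  # hostname: cannot resolve offline, treat as exposed
        if ip.is_unspecified:
            return "all"
        if not ip.is_loopback:
            exposure = "addresses"
    return exposure


# One `ss -ltn` line: state, queues, local addr:port, peer addr:port.
LISTEN_RE = re.compile(r"^LISTEN\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+")


def exposed_listeners(ss_output, port=MONGOD_PORT):
    """Return the non-loopback local addresses on which `port` is listening."""
    exposed = []
    for line in ss_output.splitlines():
        m = LISTEN_RE.match(line.strip())
        if not m or int(m.group(2)) != port:
            continue
        addr = m.group(1).strip("[]")
        if addr == "*":
            exposed.append(addr)
            continue
        try:
            if not ipaddress.ip_address(addr).is_loopback:
                exposed.append(addr)
        except ValueError:
            exposed.append(addr)  # unparsable address: flag rather than hide
    return exposed


if __name__ == "__main__":
    for name, text in (("localhost", LOCALHOST_CONF), ("unrestricted", UNRESTRICTED_CONF)):
        print(f"{name:12s} config -> {bind_exposure(parse_mongod_conf(text))}")
    print("exposed listeners on", MONGOD_PORT, "->", exposed_listeners(SAMPLE_SS))
```

The config check and the socket check are deliberately separate: a config that says localhost-only proves nothing about a running process started with different flags, so on a real host run the second check against live `ss -ltn` output rather than trusting the file. A firewall rule is a third, independent layer; the point of the thread is that each layer should fail safe on its own.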

