Permalink
Browse files

Limits the services on port 2156 and 2157 to localhost.

The Microkernel exposes two services on ports 2156 and 2157
as part of Tiny Core Linux. The service available on port 2156
handles configuration of the running Microkernel image. It is
unauthenticated, and allows users to load kernel modules and add
new extensions to TCL. The service on 2157 provides information
about the running system.

This commit limits those services to localhost, thus preventing
anyone from accessing them remotely.
  • Loading branch information...
1 parent 8333d1f commit 76df43bbb44be8db7bb0e46f0e78f5721d478f5c @thallgren thallgren committed with slippycheeze Jan 21, 2013
Showing with 3 additions and 4 deletions.
  1. +1 −1 rz_mk_tce_mirror.rb
  2. +2 −3 rz_mk_web_server.rb
View
@@ -62,7 +62,7 @@ def do_GET(req, res)
# Now, create an HTTP Server instance (and Daemonize it)
-s = HTTPServer.new(:Port => 2157, :Logger => logger, :ServerType => WEBrick::Daemon)
+s = HTTPServer.new(:Port => 2157, :Logger => logger, :ServerType => WEBrick::Daemon, :BindAddress => "127.0.0.1")
# mount our servlets as directories under our HTTP server's URI
View
@@ -19,8 +19,7 @@
include WEBrick
# next, define our actions (as servlets)...for now we have one (used to
-# save the Microkernel Configuration that is received from the MCollective
-# Configuration Agent)
+# save the Microkernel Configuration)
class MKConfigServlet < HTTPServlet::AbstractServlet
@@ -80,7 +79,7 @@ def do_POST(req, res)
# Now, create an HTTP Server instance (and Daemonize it)
-s = HTTPServer.new(:Port => 2156, :Logger => logger, :ServerType => WEBrick::Daemon)
+s = HTTPServer.new(:Port => 2156, :Logger => logger, :ServerType => WEBrick::Daemon, :BindAddress => "127.0.0.1")
# mount our servlets as directories under our HTTP server's URI

0 comments on commit 76df43b

Please sign in to comment.