Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Limits the services on port 2156 and 2157 to localhost.

The Microkernel exposes two services on ports 2156 and 2157
as part of Tiny Core Linux. The service available on port 2156
handles configuration of the running Microkernel image. It is
unauthenticated, and allows users to load kernel modules and add
new extensions to TCL. The service on 2157 provides information
about the running system.

This commit limits those services to localhost, thus preventing
anyone from accessing them remotely.
  • Loading branch information...
commit 76df43bbb44be8db7bb0e46f0e78f5721d478f5c 1 parent 8333d1f
@thallgren thallgren authored daniel-pittman committed
Showing with 3 additions and 4 deletions.
  1. +1 −1  rz_mk_tce_mirror.rb
  2. +2 −3 rz_mk_web_server.rb
View
2  rz_mk_tce_mirror.rb
@@ -62,7 +62,7 @@ def do_GET(req, res)
# Now, create an HTTP Server instance (and Daemonize it)
-s = HTTPServer.new(:Port => 2157, :Logger => logger, :ServerType => WEBrick::Daemon)
+s = HTTPServer.new(:Port => 2157, :Logger => logger, :ServerType => WEBrick::Daemon, :BindAddress => "127.0.0.1")
# mount our servlets as directories under our HTTP server's URI
View
5 rz_mk_web_server.rb
@@ -19,8 +19,7 @@
include WEBrick
# next, define our actions (as servlets)...for now we have one (used to
-# save the Microkernel Configuration that is received from the MCollective
-# Configuration Agent)
+# save the Microkernel Configuration)
class MKConfigServlet < HTTPServlet::AbstractServlet
@@ -80,7 +79,7 @@ def do_POST(req, res)
# Now, create an HTTP Server instance (and Daemonize it)
-s = HTTPServer.new(:Port => 2156, :Logger => logger, :ServerType => WEBrick::Daemon)
+s = HTTPServer.new(:Port => 2156, :Logger => logger, :ServerType => WEBrick::Daemon, :BindAddress => "127.0.0.1")
# mount our servlets as directories under our HTTP server's URI
Please sign in to comment.
Something went wrong with that request. Please try again.