Skip to content

Try to design a check for misuage of "yunohost firewall allow" #79

@alexAubin

Description

@alexAubin

Many apps do use this because they think "oh, that service I installed uses a port ... I should allow it in the firewall" whereas it's only for internal use ... Which is in fact a security issue (maybe not if being a NAT, but it is for a VPS)

Maybe use the --need-exposed-port of 3.8 ... Or maybe check for proxy_pass in the nginx conf ...

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions