add a note about security implications of anamon code, just so folks know that it allows unauthed logging access if enabled. This is not a major concern because it's off by default and also provisioning servers should /not/ be 100% public to the intertubes.

author: Michael DeHaan <mdehaan@redhat.com> 2008-12-22 17:02:10 -0500
committer: Michael DeHaan <mdehaan@redhat.com> 2008-12-22 17:02:10 -0500
commit: 976817ff10226df237f7d28ea2824a9c91fb705d (patch)
tree: b4a8433c8365aa2b01ba7e847e86b0ff90cc172d /installer_templates
parent: 28a5bf0a8eeffc77f039020d809cb70625350346 (diff)
download: cobbler-976817ff10226df237f7d28ea2824a9c91fb705d.tar.gz
cobbler-976817ff10226df237f7d28ea2824a9c91fb705d.tar.xz
cobbler-976817ff10226df237f7d28ea2824a9c91fb705d.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/installer_templates/settings.template b/installer_templates/settings.template
index 01c19a2d..19e5c6d3 100644
--- a/installer_templates/settings.template
+++ b/installer_templates/settings.template
@@ -290,7 +290,9 @@ syslog_port: 25150
 # server.  With 'anamon_enabled', kickstart templates may use the pre_anamon
 # snippet to allow remote live monitoring of their installations from the
 # cobbler server.  Installation logs will be stored under
-# /var/log/cobbler/anamon.
+# /var/log/cobbler/anamon/.  NOTE: This does allow an xmlrpc call to send logs
+# to this directory, without authentication, so enable only if you are
+# ok with this limitation.
 anamon_enabled: 0
 
 # locations of the TFTP binary and config file
author	Michael DeHaan <mdehaan@redhat.com>	2008-12-22 17:02:10 -0500
committer	Michael DeHaan <mdehaan@redhat.com>	2008-12-22 17:02:10 -0500
commit	976817ff10226df237f7d28ea2824a9c91fb705d (patch)
tree	b4a8433c8365aa2b01ba7e847e86b0ff90cc172d /installer_templates
parent	28a5bf0a8eeffc77f039020d809cb70625350346 (diff)
download	cobbler-976817ff10226df237f7d28ea2824a9c91fb705d.tar.gz cobbler-976817ff10226df237f7d28ea2824a9c91fb705d.tar.xz cobbler-976817ff10226df237f7d28ea2824a9c91fb705d.zip