[distcc] distcc 2.18 released
Martin Pool
mbp at sourcefrog.net
Fri Oct 15 01:27:04 GMT 2004
On 14 Oct 2004, Victor Norman <vtnpgh at yahoo.com> wrote:
> Because our engineers are on umpteen different networks in our organization,
> all of which is behind a firewall. I figure that if some hacker is good enough
> to get into our organization, he deserves to be able to use distccd as medium
> for doing more harm. In any case, once he's in, there are plenty more
> well-known ways to get at stuff. And, if he uses distccd to run stuff on
> remote machines, then he'll be running that stuff as me (user norman), which
> means he can only do what I can do in the network -- which is mostly just mess
> up my own stuff. I'm willing to take that risk.
>
> It certainly is alot easier than putting about 14 --allow statements in each
> distccd startup command-line.
The /allow mask doesn't need to correspond to the netmask used by the
computers, it just needs to match their IP. So if you really insist
on it, a /0 or two /1 masks will match everything.
Even my massive employer manages to get by with only about 4 class-A
networks. Do you really have more than that?
--
Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.samba.org/archive/distcc/attachments/20041015/0c4a125b/attachment.bin
More information about the distcc
mailing list