Modify

Opened 3 years ago

Closed 3 years ago

#19051 closed defect (invalid)

what are the specific security exposures of rpcd?

Reported by: dtaht Owned by: developers
Priority: normal Milestone:
Component: packages Version: Trunk
Keywords: Cc:

Description

I see that rpcd includes a login/password combination in plain text.

It is a required component of luci-base for some reason.

What does this tool do, why is it needed, and what are it's possible security risks?

Attachments (0)

Change History (1)

comment:1 Changed 3 years ago by jow

  • Resolution set to invalid
  • Status changed from new to closed

It is a service providing ubus methods via a local unix domain socket. It is not reachable via TCP or UDP and manges the login sessions for LuCI. For further details use the forum or mailing lists, this is a bug tracker.

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.