http://bugzilla.suse.com/show_bug.cgi?id=1150532
http://bugzilla.suse.com/show_bug.cgi?id=1150532#c1
Matthias Gerstner changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |IN_PROGRESS
--- Comment #1 from Matthias Gerstner ---
This cron job triggers a "maintenance task" at the apt-cacher-ng daemon. This
is basically done by talking to localhost:3142 via TCP and trigger a certain
GET operation. If any credentials are required then those are read from
configuration and passed to the HTTP socket.
The cron job script itself looks okay, the localhost communication should also
be fine. It's unencrypted so if anybody should have the possibility to listen
in e.g. via tcpdump then those credentials could leak. But that is not the
case for regular users by default.
--
You are receiving this mail because:
You are on the CC list for the bug.