Comment # 2 on bug 1150532 from 
On second thought: localhost port 3142 is unprivileged and thus a local user
could fire up a fake server. The acngtool only wants to trigger something at
the server but to do so generic HTTP processing is involved. This HTTP
processing is done with seemingly custom HTTP handling code in
source/dlcon.cc. It also supports HTTP chunked encoding which has been a
source of security issues in other packages in the past. A first look into the
handling of this looks okay in the code.

You are receiving this mail because: