135/netdisco
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

improve security notice on communit rw string

Browse Source
This commit is contained in:
Oliver Gorwits
2013-08-26 17:54:05 +01:00
parent 47e7fe3468
commit 127f50a7a0
2 changed files with 16 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Netdisco/lib/App/Netdisco/Manual/Configuration.pod
View File

@@ -646,10 +646,6 @@ C<portctl_timeout>
=item *
C<portcontrol>
=item *
C<snmpforce_v1>
=item *

17
Netdisco/lib/App/Netdisco/Manual/ReleaseNotes.pod
View File

@@ -19,7 +19,22 @@ You can now configure LDAP authentication for users.
=head2 Security Notices
The read-write SNMP community is now stored in the database, when used for the
first time on a device.
first time on a device. If you don't want the web frontend to be able to
access this, you need to:
=over 4
=item *
Have separate C<deployment.yml> files for web frontend and daemon, such that
only the daemon config contains any community strings.
=item *
Use separate Postgres users for web frontend and daemon, such that the web
frontend user cannot SELECT from the C<community> DB table.
=back
=head1 2.011000