On Fri, 2013-06-28 at 10:20 +0200, Christian Grün wrote:
[...] If you want to avoid that the BaseX server is visible and can be controlled from outside, you can e.g. restrict the SERVERHOST option to localhost [1,2].
I do that on fromoldbooks.org, but when I upgraded basex it of course started using a different conf file (without me realising) and became insecure. It would be better if listening on localhost could be the default: make packages reasonably secure by default.
Liam
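
Added example, not part of the original message and not BaseX project code: a check to run after an upgrade against whichever configuration file the server actually loads, flagging a SERVERHOST that is missing, empty or not a loopback address. It assumes the `KEY = value` line format of a `.basex` file and that an empty or absent SERVERHOST leaves the server reachable from any interface; the function names and both sample files are constructed for illustration.

```python
import ipaddress
import sys

# Constructed sample files (assumed `KEY = value` format of a .basex file).
HARDENED = "# General Options\nSERVERHOST = localhost\nSERVERPORT = 1984\n"
FRESH_DEFAULT = "# General Options\nSERVERHOST = \nSERVERPORT = 1984\n"


def parse_basex_conf(text):
    """Return options as a dict; '#' lines are comments or section headers."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        opts[key.strip().upper()] = value.strip()
    return opts


def is_loopback(host):
    """True for 'localhost' or a literal loopback IP (127.0.0.0/8, ::1)."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # any other hostname is not proven to be loopback


def check_serverhost(text):
    """Return (ok, reason) for the SERVERHOST setting in a config text."""
    host = parse_basex_conf(text).get("SERVERHOST", "")
    if not host:
        return False, "SERVERHOST missing or empty: not restricted to localhost"
    if not is_loopback(host):
        return False, f"SERVERHOST = {host} is not a loopback address"
    return True, f"SERVERHOST = {host} (loopback only)"


if __name__ == "__main__":
    # Usage: python check_serverhost.py /path/to/.basex [more files...]
    failed = False
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8") as fh:
            ok, reason = check_serverhost(fh.read())
        print(f"{'OK  ' if ok else 'FAIL'} {path}: {reason}")
        failed = failed or not ok
    sys.exit(1 if failed else 0)
```

Because the script exits non-zero on any failing file, it can gate a package upgrade or run from a monitoring job.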