[CVE-2018-1000115] memcached: restrict to TCP

https://access.redhat.com/security/cve/cve-2018-1000115 Restrict Memcached to only work on TCP. The configuration only binds memcached on localhost but in case it changes, we'll prevent DDoS amplification attacks. Change-Id: Ifc16c8a3229f5fc0f3651e714627b526e4338cfe Closes-Bug: #1755063
2018-03-12 09:51:13 +08:00 · 2018-03-12 09:51:13 +08:00 · 60adcff1ea
commit 60adcff1ea
parent 5af6306d38
1 changed files with 1 additions and 1 deletions
--- a/templates/memcached.redhat.j2
+++ b/templates/memcached.redhat.j2
@ -10,4 +10,4 @@ PORT="{{ memcached_port }}"
 USER="{{ memcached_user }}"
 MAXCONN="{{ memcached_connections }}"
 CACHESIZE="{{ memcached_memory }}"
-OPTIONS="-l {{ memcached_listen }} -t {{ memcached_threads }} {{ _verbosity }}"
+OPTIONS="-U 0 -l {{ memcached_listen }} -t {{ memcached_threads }} {{ _verbosity }}"