[CVE-2018-1000115] memcached: restrict to TCP

https://access.redhat.com/security/cve/cve-2018-1000115

Restrict Memcached to only work on TCP.
The configuration only binds memcached on localhost but in case it
changes, we'll prevent DDoS amplification attacks.

Change-Id: Ifc16c8a3229f5fc0f3651e714627b526e4338cfe
Closes-Bug: #1755063
This commit is contained in:
ZhongShengping 2018-03-12 09:51:13 +08:00
parent 5af6306d38
commit 60adcff1ea
1 changed files with 1 additions and 1 deletions

View File

@ -10,4 +10,4 @@ PORT="{{ memcached_port }}"
USER="{{ memcached_user }}"
MAXCONN="{{ memcached_connections }}"
CACHESIZE="{{ memcached_memory }}"
OPTIONS="-l {{ memcached_listen }} -t {{ memcached_threads }} {{ _verbosity }}"
OPTIONS="-U 0 -l {{ memcached_listen }} -t {{ memcached_threads }} {{ _verbosity }}"