Swap bind address for gvproxy to localhost-only - containers/podman.git - forked from: https://github.com/containers/podman.git

diff options

author	Matthew Heon <mheon@redhat.com>	2021-12-03 09:16:39 -0500
committer	Matthew Heon <mheon@redhat.com>	2021-12-03 09:50:51 -0500
commit	57c5e2246efeaf2fef820a482241f1cc43960c7a (patch)
tree	b646cb36a808b7140837b8abf428bee6e7815a5e /cmd/podman/pods/logs.go
parent	815f36af1a68caae85d251b7a1009cf075d55dab (diff)
download	podman-57c5e2246efeaf2fef820a482241f1cc43960c7a.tar.gz podman-57c5e2246efeaf2fef820a482241f1cc43960c7a.tar.bz2 podman-57c5e2246efeaf2fef820a482241f1cc43960c7a.zip

Swap bind address for gvproxy to localhost-only

This resolves CVE-2021-4024, where an attacker could access the API externally and forward any port they desired to the VM from `podman machine`. [NO NEW TESTS NEEDED] gvproxy is not tested directly at this time. Signed-off-by: Matthew Heon <mheon@redhat.com>

Diffstat (limited to 'cmd/podman/pods/logs.go')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: