/etc/conf.d/distccd (recently) has a clear warning about the potential risks of running distccd and tells the user to use --allow/--listen. Unluckily the distcc guide - which is probably the first and only thing a user sometimes reads when dealing with distcc - doesn't mention anything about this. Quote: (Add distccd to the default runlevel) # rc-update add distccd default (Start the distcc daemon) # /etc/init.d/distccd start This implies that distccd is easy to set up and nothing else would be necessary, only advanced users might consider taking a look at /etc/conf.d/distccd. One sentence like "Edit /etc/conf.d/distccd to your needs and be sure to set the --allow directive to allow only hosts you trust, see http://distcc.samba.org/security.html for more information." would be a big improvement. Reproducible: Always Steps to Reproduce:
Lisa, can this be "automated"? I mean, can we assume that only the hosts defined by distcc-config are allowed to access distcc? If we do, we can allow this transparently without having the users update a file. If not, I'll add a paragraph before the "rc-update add distcc default" statement.
Any update on this issue?
Any change to the docs from me will have to wait until December as I am on vacation and away from my main machine.
Okay, proposal put in document. Thanks for reporting!
