Hi Jim,
On Thu, Oct 10, 2019 at 04:31:01PM +0800, Jim Mee wrote:
> Hi all,
>
> I recently found glances <https://packages.debian.org/buster/glances>
> package has added an XMLRPC API server that provides access for remote
> users. Unfortunately it requires no authentication, and worse, it binds to
> 0.0.0.0, meaning glances API is exposed to the whole network.
>
> I suggest that the packager adds a random password on install, and remind
> the user to change it afterwards.
Can you fill this as regular bug against the package (ideally with
reportbug otherwise for alterntive
https://www.debian.org/Bugs/Reporting)?
Regards,
Salvatore