From 1e3f1467071c677f659277d3aeda61a44da18282 Mon Sep 17 00:00:00 2001 From: Klaus Schmidinger Date: Fri, 9 Feb 2018 15:19:59 +0100 Subject: [PATCH] Replaced the warning regarding the open SVDRP port in the INSTALL file with a remarkabout using svdrphosts.conf to completely disable SVDRP access --- HISTORY | 4 +++- INSTALL | 9 ++++----- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/HISTORY b/HISTORY index cdb2d19f..bc245fa4 100644 --- a/HISTORY +++ b/HISTORY @@ -9162,7 +9162,7 @@ Video Disk Recorder Revision History a subdirectory. - SVDRP peering can now be limited to the default SVDRP host (see MANUAL for details). -2018-02-05: Version 2.3.9 +2018-02-09: Version 2.3.9 - Updated the Italian OSD texts (thanks to Diego Pierotto). - Updated the Finnish OSD texts (thanks to Rolf Ahrenberg). @@ -9259,3 +9259,5 @@ Video Disk Recorder Revision History - Added the UPDATE-2.4.0 file. - Making sure cSVDRPClient::Process() reads the entire reply once it started reading, even if no Response parameter is given. +- Replaced the warning regarding the open SVDRP port in the INSTALL file with a remark + about using svdrphosts.conf to completely disable SVDRP access. diff --git a/INSTALL b/INSTALL index 74caf30b..e75c0385 100644 --- a/INSTALL +++ b/INSTALL @@ -73,16 +73,15 @@ port ("Simple Video Disk Recorder Protocol"). By default, it listens on port 6419 (use the --port=PORT option to change this). For details about the SVDRP syntax see the source file 'svdrp.c'. -WARNING: DUE TO THE OPEN SVDRP PORT THIS PROGRAM MAY CONSTITUTE A -======= POTENTIAL SECURITY HAZARD! IF YOU ARE NOT RUNNING VDR IN - A CONTROLLED ENVIRONMENT, YOU MAY WANT TO DISABLE SVDRP - BY USING '--port=0'! - The file 'svdrphosts.conf' can be used to define which hosts are allowed to access the SVDRP port. By default only localhost (127.0.0.1) is granted access. If you want to give other hosts access to your SVDRP port you need to add their IP numbers to 'svdrphosts.conf'. +You can disable SVDRP access entirely by either running VDR with '--port=0', +or by removing all entries (including 127.0.0.1 for the localhost) from +'svdrphosts.conf'. + If the program shall run as a daemon, use the --daemon option. This will completely detach it from the terminal and will continue as a background process.