Custom Query (2447 matches)


Show under each result:

Results (214 - 216 of 2447)

Ticket Resolution Summary Owner Reporter
#529 Fixed Add authentication to core andar

deluged seem to allow connections from anyone on localhost; this is obviously not secure if there are more than one user on a system. For example:

  1. Create a torrent with a file called ".profile", upload to any tracker.
  2. Connect to the deluge daemon that another user is running.
  3. Change the download folder to the user $HOME, and add the torrent.
  4. The .profile can contain anything, and will be executed when the user logs in next time, for example: alias sudo=/home/hacker/sudo_and_log_password

It can also be a security risk even in a single-user setting, if other servers are running (as unprivileged users) on the same system that are less secure and can be hacked (http, ftp, etc).

Some sort of authentication is needed.

#530 Fixed sending bad statistic data andar

When suspended and followed by torrent initialization again, Deluge sends the number of data as if the torrent starts to download from the beginning again.

#531 Fixed DEBUG logging should not be the default andar

deluge start with logging in debug mode enabled, and with the output set to console. This is bad because stdout and stderr output are redirected to .xsession-errors by default when you lunch deluge from the desktop (from the menu, a desktop icon, downloading a .torrent, etc).

The logger should only report messages of level ERROR or higher by default, and should be an option to change this from the command line.

Batch Modify
Note: See TracBatchModify for help on using batch modify.
Note: See TracQuery for help on using queries.