search

mitchellh / boot2docker-vagrant-box

Packer scripts to build a Vagrant-compatible boot2docker box.
424 stars 183 forks source link

Allow forwarded_port 4243 to be overridden; Listen on 127.0.0.1 only by ... #52

Closed dlitz closed 10 years ago

dlitz commented 10 years ago

...default.

The Docker port allows arbitrary remote code execution inside the VM, so we don't want that turned on by default.

Unfortunately, this is still going to be a problem for users of the vmware_fusion provider, since it apparently ignores the :host_ip parameter:

https://github.com/mitchellh/vagrant/issues/3916

Adding :id => "docker" allows downstream users of the box to disable the port-forward using something like this in their Vagrantfile:

config.vm.network "forwarded_port", guest: 4243, host: 4243, id: "docker", disabled: true
fnichol commented 10 years ago

@dlitz dang, didn't know about the id: trick, in fact I was in that code a few weeks ago to disable this very thing.