Hello, gosec has reported a debug tool is enabled that sounds dangerous: google-osconfig-agent-20200625.00/main.go:42] - G108 (CWE-200): Profiling endpoint is automatically exposed on /debug/pprof (Confidence: HIGH, Severity: HIGH) 41: > 42: _ "net/http/pprof" 43:
Is this correct? Is this intentional? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1891934 Title: [MIR] google-osconfig-agent To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/google-osconfig-agent/+bug/1891934/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs