DistCC 3.1 on Gentoo.

The requirement of --allow ensures that I can not automatically add new hosts using my existing firewall (shorewall) configuration. The configuration I have notifies each cluster member of new hosts coming online. Each host then adds the new host to their /etc/hosts and reloads the firewall config, which parses /etc/hosts in search of cluster members. DistCC access is granted from all cluster members via this firewall configuration.

Not so much if I'm forced to use --allow.

Please change this from a blocking error to a strong warning.

"--allow" is mandatory for security reasons. See http://distcc.googlecode.com/svn/trunk/doc/web/security.html.

This is needed because a distcc client can in principle execute arbitrary code on the distccd server and the distccd server can in principle execute arbitrary code on the distcc client.

If you have a private network for which you trust all of the hosts on your network, and you are not connected to the internet or you have a firewall that blocks connections on the distcc port from untrusted hosts, then you can use "--allow=0.0.0.0/32".