Comment 1 for bug 1945533

As for security risks of this bug, I suppose it's that any local user or process on the server could inject fake/misleading metrics, or is the socket used for something else?