Should listen on local network only

Do you intend strictly link-local addresses? e.g. 169.254.0.0/16 or fe80::/10?

Thanks

I rather had in mind to limit snapweb to hosts on the directly attached network; e.g. if you're on 192.168.0.0/24, then only these and not a public IP address connecting to you (e.g. port redirect). Perhaps the limit should be to RFC 1918 addresses by default? The intention is that people in the same LAN can talk to the device, but not people across the Internet – by default at least.

i would match the network holding the default route against RFC 1918 and only allow that range.

This feels like an assumption that will create more awkward problems than it will solve.

A machine with an IP in the local network cannot be contacted from the outside without a route. So either the machine is already on a public IP, in which case constraining it to the public IP range doesn't help, or the machine is in a NATed address which would not be accessible anyway.

Then, even if the machine is in the local network, that doesn't make it secure, so we must be aware of the attack vectors and plan accordingly regardless.

So it feels like the sort of solution people will need to read the documentation to disable because we forgot about N cases which are not covered, while not in fact making it any more secure.

I've made this public once again since, as of snapweb 0.21.2, authentication is required to use snapweb. I'd say that this bug is now a much lower priority since connecting users must authenticate.

Per above notes, I would close this bug. As perceived in discussions these past two weeks, network being local or not is not relevant for whether we consider a security issue serious or not.

Given we have a stricter way of authenticating, I'm closing this