On Fri, Jul 22, 2022 at 4:45 AM Greg Troxel <g...@lexort.com> wrote: > > Aleix Conchillo Flaqué <aconchi...@gmail.com> writes: > > >> Using INADDR_ANY instead of INADDR_LOOPBACK makes it convenient when > >> starting the web server inside containers without the need to having to > >> specify INADDR_ANY all the time. This is the default in most libraries > >> and languages. > > I may be an outlier, but I don't think we should optimize for > containers. I think that by default, most things that can reasonably > just listen on localhost should and those that want wider scope can > configure them (which should be easy and apparently is). > > It seems this was an earlier conscious choice, from reading the patched > docs. > > Agree about the container comment. As I said on the other email, I have no idea why I wrote container there since I never run Guile in a container.
>> This doesn't break backwards compatibility since INADDR_LOOPBACK is also > >> included in INADDR_ANY. > > It does break compat because the previous way had a security property > that this one doesn't. This is fundamentally a disagreement about what > "works" means. Some people think works primarily means "when I click X > I see Y" and others thinks works primarily means "security properties > (that nothing bad happens" are upheld". > Makes sense as well. Thank you for your input! Best, Aleix
