warnIfNotLoopback prints a security warning when the API server is bound to an address other than loopback. The default --listen value is 127.0.0.1, so reaching this code path means the operator was explicit about exposing the API; we just remind them that the API has no authentication.
(out *cli.Printer, addr net.Addr)
// warnIfNotLoopback prints a security warning when the API server is bound to
// an address other than loopback. The default --listen value is 127.0.0.1, so
// a non-loopback bind means the operator chose to expose the API explicitly.
// The API has no authentication, so the warning states what that exposure
// allows.
//
// The check is advisory only: it neither refuses the bind nor returns an
// error. Anything that is not a loopback IP triggers the warning, including
// the unspecified addresses (0.0.0.0 and ::) and private or link-local ranges.
//
// NOTE(review): every addr that is not a *net.TCPAddr returns silently, not
// only Unix sockets and named pipes. If another listener type is ever added,
// confirm whether it should also be warned about.
func warnIfNotLoopback(out *cli.Printer, addr net.Addr) {
	// Non-TCP listeners (Unix sockets and named pipes) rely on filesystem
	// permissions, and a loopback TCP bind is reachable only from this host.
	tcp, isTCP := addr.(*net.TCPAddr)
	if !isTCP || tcp.IP.IsLoopback() {
		return
	}

	// Operator-facing banner, emitted one line at a time.
	banner := []string{
		"WARNING: API server is listening on a non-loopback address.",
		" The API has no authentication; anyone able to reach",
		" this address can run agents and access all sessions.",
	}
	for _, line := range banner {
		out.Println(line)
	}

	// Also emit a structured record so the exposure is visible in collected
	// logs, not just on the operator's terminal.
	slog.Warn("API server bound to non-loopback address", "addr", tcp.String())
}
no test coverage detected