MCPcopy Index your code
hub / github.com/docker/docker-agent / warnIfNotLoopback

Function warnIfNotLoopback

cmd/root/api.go:147–160  ·  view source on GitHub ↗

warnIfNotLoopback prints a security warning when the API server is bound to an address other than loopback. The default --listen value is 127.0.0.1, so reaching this code path means the operator was explicit about exposing the API; we just remind them that the API has no authentication.

(out *cli.Printer, addr net.Addr)

Source from the content-addressed store, hash-verified

145// reaching this code path means the operator was explicit about exposing the
146// API; we just remind them that the API has no authentication.
147func warnIfNotLoopback(out *cli.Printer, addr net.Addr) {
148 tcpAddr, ok := addr.(*net.TCPAddr)
149 if !ok {
150 // Unix sockets and named pipes rely on filesystem permissions.
151 return
152 }
153 if tcpAddr.IP.IsLoopback() {
154 return
155 }
156 out.Println("WARNING: API server is listening on a non-loopback address.")
157 out.Println(" The API has no authentication; anyone able to reach")
158 out.Println(" this address can run agents and access all sessions.")
159 slog.Warn("API server bound to non-loopback address", "addr", tcpAddr.String())
160}

Callers 2

runAPICommandMethod · 0.85
startAttachedServerMethod · 0.85

Calls 3

PrintlnMethod · 0.80
WarnMethod · 0.80
StringMethod · 0.45

Tested by

no test coverage detected