On Fri, Jul 22, 2022 at 4:45 AM Greg Troxel <gdt@lexort.com> wrote:

>
> Aleix Conchillo Flaqué <aconchillo@gmail.com> writes:
>
> >> Using INADDR_ANY instead of INADDR_LOOPBACK makes it convenient when
> >> starting the web server inside containers without the need to having to
> >> specify INADDR_ANY all the time. This is the default in most libraries
> >> and languages.
>
> I may be an outlier, but I don't think we should optimize for
> containers.  I think that by default, most things that can reasonably
> just listen on localhost should and those that want wider scope can
> configure them (which should be easy and apparently is).
>
> It seems this was an earlier conscious choice, from reading the patched
> docs.
>
>
Agree about the container comment. As I said on the other email, I have no
idea why I wrote container there since I never run Guile in a container.

>> This doesn't break backwards compatibility since INADDR_LOOPBACK is also
> >> included in INADDR_ANY.
>
> It does break compat because the previous way had a security property
> that this one doesn't.  This is fundamentally a disagreement about what
> "works" means.  Some people think works primarily means "when I click X
> I see Y" and others thinks works primarily means "security properties
> (that nothing bad happens" are upheld".
>

Makes sense as well. Thank you for your input!

Best,

Aleix