127.0.0.1 by default vs 0.0.0.0

[nol166]

• code-server version: v1.604-vsc1.32.0
• OS Version: macOS 10.14.4 (18E226)

Description

It has been discussed that using 127.0.0.1 might be better than using 0.0.0.0 for the default host for security reasons when running code-server. A user should have to explicitly set 0.0.0.0 as the host if they want to use it with the -h flag

Steps to Reproduce

1. Start code server INFO Starting webserver... {"host":"0.0.0.0","port":8443}

[MichaelDesantis]

@nol166 is there any record of this discussion that you can link to this issue?

[nol166]

@nhooyr Discussed it this morning and asked me to make this issue

https://superuser.com/questions/949428/whats-the-difference-between-127-0-0-1-and-0-0-0-0

[coadler]

I think the overwhelming use case of code-server would be to access it over the internet, not from the same machine. If this is a security issue why not just remove the --no-auth flag from the docker one-liner?

[coadler]

I think a better solution would be to just add a warning. Changing the default behavior would most likely break a lot of scripts/deployments

[nol166]

@coadler That might be a better solution if it will screw up deployments. Thoughts @nhooyr?

[nhooyr]

Yea I agree it would be a bad idea to change the behaviour. I guess what we really want is to listen on localhost if the --no-auth or --allow-http flags are passed as at that point listening on 0.0.0.0 is potentially insecure.

[coadler]

That seems sensible to me. I could see this affecting people behind reverse proxies that handle auth/tls upstream though, so we should be sure to document the change on the next release

[nol166]

updated the pr

[MichaelDesantis]

PR is here for people from the future following this thread #441