Skip to content

Allow binding to local addresses #6737

New issue
New issue
Open
Open
Allow binding to local addresses#6737
Labels
enhancementNew feature or requestsandboxIssues related to permissions or sandboxing
@josevalim

Description

@josevalim
josevalim
opened on Nov 16, 2025

What feature would you like to see?

Some build tools require binding to local address for compilation and code execution to work, such as Elixir's Mix. One potential option here is to allow such operations in the sandbox.

However, one could also claim that we should have a security profile that allows localhost connections. That's because many development tools need to talk to the database, Redis, etc. Of course, allowing outgoing localhost connections expands the threat model considerably (I could then use my database to invoke potentially harmful commands), but we can argue that's less harmful than opening all network operations.

Additional information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestsandboxIssues related to permissions or sandboxing

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions