Feature Request: Support listening on a UNIX socket #4068
Comments
We don't plan on providing anything other than TCP access. In such a scenario you could consider iptables, as they can filter on uid.
brian-brazil closed this Apr 10, 2018
That's unfortunate, as this setup is fairly common in corporate environments. The iptables solution does not work for non-root users. Is there some philosophical reason against this feature, or would you be open to a PR? It's a fairly trivial change to implement in Go (e.g. https://github.com/grafana/grafana/pull/8221/files)
It's something we've discussed in the past, and we don't want the complexity that would come with having to maintain a non-standard way to offer HTTP. I should also point out that if you can't trust other users on a shared machine, you probably shouldn't be sharing the machine; there's always a local root vulnerability lurking.
brian-brazil referenced this issue Jan 30, 2019: Add FastCGI interface to secure prometheus (with unix domain socket) #5160 (Closed)
lock bot commented Mar 22, 2019
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
propertone commented Apr 10, 2018
What did you do?
I have Prometheus running behind a reverse proxy on the same host which adds authentication and authorization to the /api/v1/admin endpoint. However, anyone with SSH access to the host running Prometheus can easily bypass the proxy by querying localhost. A unix socket can be secured with unix permissions, which will prevent unauthenticated access. In our corporate environment, ssh access to hosts is typically shared and the users who wish to run their own instance of Prometheus do not necessarily have root access.
Environment
System information:
Linux 3.10.0-693.17.1.el7.x86_64 x86_64
Prometheus version:
prometheus, version 2.2.1 (branch: HEAD, revision: bc6058c)