Skip to content

Security: dev server binds to all interfaces by default (LAN exposure) #2

Description

@companygardener

Summary

lib/server.py binds the HTTP server to all interfaces by default:

srv = ReuseTCP(("", args.port), FeedbackHandler)

An empty bind address listens on 0.0.0.0, so anyone on the same Wi-Fi / LAN as the developer can reach the dev server.

Impact

Combined with the fact that SimpleHTTPRequestHandler serves the full artifact directory (including feedback/inbox.jsonl), any device on the same network can:

  1. Read the entire comment stream (curl http://<dev-host>:5050/feedback/inbox.jsonl)
  2. POST arbitrary JSON to /feedback, which the agent then ingests as user feedback during the next walkthrough

Most users running this skill on a laptop in a coffee shop / shared office / home network would not expect the comment endpoint to be reachable from other devices.

Suggested fix

  • Default --bind to 127.0.0.1
  • Keep a --bind flag for users who explicitly want LAN access (e.g. testing on a phone), and print a clear warning when bound to anything other than loopback

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions