Hacker News new | past | comments | ask | show | jobs | submit login

listening on the local device and having no UAC seems pretty standard to me.

If you want to expose anything, you have to do it very explicitly and as linked there are warnings and advice about doing so.




Process security is very common even when the process listens only on a socket.


I'm wondering what you mean here when you say "on the local device". Are you implying that it is guaranteed that the local device is not exposed? I don't see why you would have to explicitly expose something. The entire instance is exposed by default.


it listens on 127.0.0.1, not not on an external interface, it is not exposed by default


But that has nothing to do with the instance access control or the database access. Changing the listening interface isn't going to magically fix the default security setup.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: