Go

Go

By DeepSource

Bind to all interfacesGSC-G102

Security

Binding to all network interfaces can potentially open up a service to traffic on unintended interfaces.

When you bind the port to all interfaces using "0.0.0.0" as the IP address, you essentially allow it to accept connections from any IPv4 address provided that it can get to the socket via routing. Binding to all interfaces is therefore associated with security risks and is not recommended.

Examples

Bad practice

package main

import (
    "log"
    "net"
)

func main() {
    l, err := net.Listen("tcp", "0.0.0.0:2000")
    if err != nil {
        log.Fatal(err)
    }
    defer l.Close()
}

Recommended

package main

import (
    "log"
    "net"
)

func main() {
    l, err := net.Listen("tcp", "1.2.3.4:2000")
    if err != nil {
        log.Fatal(err)
    }
    defer l.Close()
}

References