Go

Made by DeepSource

Bind to all interfaces GSC-G102

Security
Major
a05 cwe-200 sans top 25 owasp top 10

Binding to all network interfaces can potentially open up a service to traffic on unintended interfaces.

When you bind a port to all interfaces by using "0.0.0.0" as the IP address, the socket accepts connections from any IPv4 address that can reach it via routing. Binding to all interfaces therefore carries security risk and is not recommended.

Bad practice

package main

import (
    "log"
    "net"
)

func main() {
    // "0.0.0.0" binds the listener to every IPv4 interface on the host.
    l, err := net.Listen("tcp", "0.0.0.0:2000")
    if err != nil {
        log.Fatal(err)
    }
    defer l.Close()
}

Recommended

package main

import (
    "log"
    "net"
)

func main() {
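    // Bind only to the address of the interface that should serve traffic
    // (1.2.3.4 is a placeholder).
    l, err := net.Listen("tcp", "1.2.3.4:2000")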
    if err != nil {
        log.Fatal(err)
    }
    defer l.Close()
}
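
The same rule can be enforced at runtime when the listen address comes from configuration. The following is an added example, not DeepSource's or the analyzer's own code; it goes beyond the "0.0.0.0" case above to cover an empty host (":2000") and the IPv6 unspecified address ("[::]:2000"), which net.Listen also treats as all interfaces. The names checkListenAddr and listenChecked are hypothetical.

```go
package main

import (
	"fmt"
	"net"
)

// checkListenAddr is a hypothetical helper (not part of any library): it
// returns an error when addr would make net.Listen bind to every interface.
func checkListenAddr(addr string) error {
	host, _, err := net.SplitHostPort(addr)
	if err != nil {
		return fmt.Errorf("invalid listen address %q: %w", addr, err)
	}
	// An empty host (":2000") is treated by net.Listen like an unspecified address.
	if host == "" {
		return fmt.Errorf("%q has no host and binds to all interfaces", addr)
	}
	// ParseIP returns nil for hostnames; only literal IPs are checked here.
	if ip := net.ParseIP(host); ip != nil && ip.IsUnspecified() {
		return fmt.Errorf("%q is the unspecified address and binds to all interfaces", addr)
	}
	return nil
}

// listenChecked opens a TCP listener only after the address passes the check.
func listenChecked(addr string) (net.Listener, error) {
	if err := checkListenAddr(addr); err != nil {
		return nil, err
	}
	return net.Listen("tcp", addr)
}

func main() {
	// Constructed sample addresses.
	for _, a := range []string{"0.0.0.0:2000", ":2000", "[::]:2000", "127.0.0.1:0"} {
		l, err := listenChecked(a)
		if err != nil {
			fmt.Println("rejected:", err)
			continue
		}
		fmt.Println("listening on", l.Addr())
		l.Close()
	}
}
```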
