fix: bind docker compose port to localhost by default #25
Closed
study8677 wants to merge 1 commit into
study8677 (Owner, Author) commented May 20, 2026
study8677 left a comment
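Overall assessment
This is a correct and necessary security fix. Changing the docker-compose.yml port binding from 0.0.0.0:8080 to 127.0.0.1:8080 effectively eliminates the attack surface in the default exposure scenario. The change is precise, with no extraneous modifications. Recommend merging (Comment), but there are two medium-priority issues worth following up.
Issue list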
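| Level | File & location | Description | Suggestion |
|---|---|---|---|
| 🟡 Suggestion | Dockerfile — `EXPOSE 8080` + `ENV OPENCMO_WEB_HOST=0.0.0.0` | Users who run `docker run -p 8080:8080 opencmo` directly (without docker-compose) will still expose the port on all network interfaces; this PR has no effect for them. `OPENCMO_WEB_HOST=0.0.0.0` is required for network forwarding inside the container (it cannot be changed to 127.0.0.1, otherwise Docker port forwarding stops working), but without an explanation users can easily be misled into thinking that changing this variable hardens security. | Add a comment on the corresponding line of the Dockerfile, and note in the README's Docker usage instructions that with bare `docker run`, `-p 127.0.0.1:8080:8080` must be specified explicitly. |
| 🟡 Suggestion | README.md / docs (not modified) | No documentation explains what this behavior change means: by default the API can only be accessed from the local machine; to access it from other machines on the same network (e.g. when a reverse proxy is deployed on a different host), the bind address must be changed manually. | In the README's Docker deployment section, add a description of the default behavior and how to override it (e.g. `ports: - "0.0.0.0:8080:8080"` for the proxy scenario). |
| 🟢 Optimization | docker-compose.yml L5 | The security intent of binding to 127.0.0.1 is self-evident, but adding a one-line comment helps future maintainers understand the reason and not mistakenly change it back. | `# Bind to localhost only — prevents unintended exposure on public interfaces` |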
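Highlights
- Minimal change: only one line is changed, with no noise introduced, fully in line with best practices for security fixes.
- Accurately targeted: the host-side port binding (the docker-compose ports mapping) is the correct place for the fix, rather than changing OPENCMO_WEB_HOST inside the container (changing the latter would instead break Docker network forwarding).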
Example changes (Dockerfile comment)
```dockerfile
# Must bind to 0.0.0.0 inside the container for Docker port forwarding to work.
# Host-side exposure is controlled by the ports mapping in docker-compose.yml.
ENV OPENCMO_WEB_HOST=0.0.0.0
```
and docker-compose.yml:
```yaml
ports:
  # Bind to localhost only — prevents unintended exposure on public interfaces.
  # To allow remote access (e.g. behind a reverse proxy on another host), change to "0.0.0.0:8080:8080".
  - "127.0.0.1:8080:8080"
```
Generated by Claude Code
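The review above turns on which host address a `ports` entry (or a `docker run -p` argument) publishes on. As an added example, not part of this PR or the project's code, the sketch below classifies Compose short-syntax port strings by host bind address and reports every entry that is not loopback-only; it goes beyond the single `8080:8080` case to cover IPv6, container-only ports and protocol suffixes. The function names and the sample entries are hypothetical and constructed for illustration.

```python
import ipaddress


def host_bind_address(port_spec):
    """Return the host IP a Compose short-syntax port entry publishes on.

    Short syntax: [HOST_IP:][HOST_PORT:]CONTAINER_PORT[/PROTOCOL].
    With no host IP, Docker publishes on all interfaces (0.0.0.0) by default.
    """
    spec = str(port_spec).strip().split("/", 1)[0]  # drop /tcp or /udp
    if spec.startswith("["):                        # bracketed IPv6 host IP
        return spec[1:spec.index("]")]
    parts = spec.split(":")
    if len(parts) <= 2:                             # PORT or HOST_PORT:PORT
        return "0.0.0.0"
    if len(parts) == 3:                             # IP:HOST_PORT:PORT
        return parts[0]
    return ":".join(parts[:-2])                     # unbracketed IPv6 host IP


def audit_ports(port_specs):
    """Return (spec, host_ip) for each entry not bound to a loopback address."""
    findings = []
    for spec in port_specs:
        host_ip = host_bind_address(spec)
        try:
            loopback = ipaddress.ip_address(host_ip).is_loopback
        except ValueError:
            loopback = False  # e.g. an unexpanded ${VAR}: cannot be verified
        if not loopback:
            findings.append((spec, host_ip))
    return findings


# Constructed sample entries, modelled on the mappings discussed in this PR.
SAMPLE_PORTS = [
    "8080:8080",                   # mapping before the change
    "127.0.0.1:8080:8080",         # mapping after the change
    "0.0.0.0:8080:8080",           # explicit override for proxy deployments
    "[::1]:8080:8080",             # IPv6 loopback
    "8080",                        # container port only, random host port
    "192.168.1.10:8080:8080/tcp",  # one specific non-loopback interface
]

if __name__ == "__main__":
    for spec, host_ip in audit_ports(SAMPLE_PORTS):
        print(f"not loopback-only: {spec!r} publishes on {host_ip}")
```

The same strings are what `docker run -p` accepts, so the check applies to the bare `docker run` case raised in the review as well.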
study8677 added a commit that referenced this pull request May 21, 2026
* fix: validate and dedupe geo ask platforms
* fix: bind docker compose port to localhost by default
* fix: prevent verify-email auth bypass for verified users
* fix: fail closed for account-scoped publish credentials
* fix: prevent admin privilege escalation via signup
* test: update admin/publisher tests for security fixes
  - test_publishers.py: replace env vars with llm.set_request_keys() since publish credentials no longer fall back to os.environ (account-scoped).
  - test_trial_platform.py: add _seed_admin() helper that activates the bootstrapped !unusable admin row directly, since signup can no longer claim that row to prevent admin privilege escalation.
* test: fix ruff I001 import order
Owner, Author
Incorporated via #27 → main.
Motivation
`OPENCMO_WEB_HOST=0.0.0.0` in the image and publishing port `8080` in `docker-compose.yml`, which makes the API reachable on all host interfaces by default.
Description
`docker-compose.yml` to change the ports mapping from `8080:8080` to `127.0.0.1:8080:8080` so the web UI/API remains accessible from the host only and is not exposed to external interfaces by default.
Testing
`git diff --check` which completed with no errors.
`docker compose config` to validate the composed config but it could not be executed in this environment because `docker` is not installed (command-not-found).
Codex Task