• Gregor Riepl authored · 96771ccc
    The listener is opened on INADDR_ANY, so it will accept any network
    connection, no matter if it is originating locally or from the outside
    of the host. There is no check in place to discard non-local
    connections. The only security against a malicious attack would be
    provided by a local firewall, which is not guaranteed to be installed on
    every workstation kicad is used on.
    
    I tested this, and a host running eeschema accepts connections on TCP
    port 4243 from other hosts on the internet.
    
    A patch to remedy this potentially serious security hole is attached. It
    creates the listener on localhost instead. A flag is provided to allow
    the creation of sockets on 0.0.0.0 instead, if required. localhost is
    the default.
eda_dde.cpp 5.35 KB
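
The behaviour the commit message describes (loopback by default, all interfaces only behind an explicit flag), as an added example that is not KiCad's code or part of this commit. It uses plain POSIX sockets rather than the project's own socket classes, and the names `open_listener`, `allow_remote` and `bound_address` are hypothetical.

```cpp
#include <arpa/inet.h>
#include <cstdint>
#include <netinet/in.h>
#include <string>
#include <sys/socket.h>
#include <unistd.h>

// Hypothetical helper (not KiCad code): open a TCP listener bound to the
// loopback interface unless the caller explicitly opts in to all interfaces.
// Returns the listening fd, or -1 on error. Port 0 lets the kernel pick one.
int open_listener(uint16_t port, bool allow_remote = false)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;

    int on = 1;
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));

    sockaddr_in addr{};
    addr.sin_family = AF_INET;
    addr.sin_port = htons(port);
    // INADDR_LOOPBACK (127.0.0.1) is reachable only from this host;
    // INADDR_ANY (0.0.0.0) accepts connections arriving on every interface.
    addr.sin_addr.s_addr = htonl(allow_remote ? INADDR_ANY : INADDR_LOOPBACK);

    if (bind(fd, reinterpret_cast<sockaddr*>(&addr), sizeof(addr)) < 0
        || listen(fd, 8) < 0)
    {
        close(fd);
        return -1;
    }
    return fd;
}

// Report the address the socket is actually bound to, so the default can be
// verified instead of assumed.
std::string bound_address(int fd)
{
    sockaddr_in addr{};
    socklen_t len = sizeof(addr);
    if (getsockname(fd, reinterpret_cast<sockaddr*>(&addr), &len) < 0)
        return "";
    char buf[INET_ADDRSTRLEN] = {};
    if (!inet_ntop(AF_INET, &addr.sin_addr, buf, sizeof(buf)))
        return "";
    return buf;
}
```

On a running workstation the same check can be made from outside the process: `ss -ltn` lists each listening TCP socket with its local address, so a listener on port 4243 bound to `0.0.0.0` is visible there.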