irkerd: Add command-line options for the listener --host and --port
We shouldn't have to edit the file to bind to an alternative
interface. The lack of a configurable port was an explicit decision
in the original design [1]:
> I even, quite deliberately, omitted the usual option to change the
> port that irker listens on. Because if you think you need an option
> like that, you actually have a problem you need to solve at your
> firewall.
which is fine, but it seems excessive to have to edit irkerd to bind
to 0.0.0.0 instead of localhost. From the security audit's
assumptions [2]:
> 3. The machine which hosts irkerd has the same owner as the machine
> which hosts the the repo; these machines are possibly but not
> necessarily one and the same.
and it's going to be hard for the hooks to communicate with a remote
irkerd if that irkerd is only bound to localhost. I don't really care
about configuring the port, but it's similar enough to the host
interface that I thought it should have the same config mechanism
(from a "least surprise" perspective).
[1]: http://esr.ibiblio.org/?p=4540
[2]: security.txt in this repo
projects / irker.git / commit