> Remember that the patch is almost trivial. Add a configuration option > acceptConnectionsOnlyFromLocalHost, and then in the server connect logic > reject non-localhost attempts (and log a security note).
Sorry, I was actually pondering about it in comparison with the investment in implementing some kind of plugin system to allow server-wide access restrictions. This shouldn't be too hard to hack in either, but it'd be best to have some kind of agreement on how to do it "correctly" so that the work can be integrated upstream, and this would require some additional involvement to get the APIs right. -- Gustavo Niemeyer http://niemeyer.net