[BUG] Doris listens on the all-zero address (0.0.0.0), which may cause a security problem #5181

@zhaojintaozhao

Hi All:

When FE, BE, and HDFS-Broker start, these processes start a mysql-server\http-server and thrift-server. These servers don't bind to a specific host address (such as 10.11.22.33), so they listen on the all-zero address (0.0.0.0), for example 0.0.0.0:9030.

Binding to an all-zero port (0.0.0.0:9030) is equal to binding to all IP addresses of the local host, which causes network-wide listening. The Doris service is directly exposed to the public network, which is vulnerable to attacks. That may be a security problem.

When starting the mysql-server\http-server\thrift-server, bind a specific IP address to avoid all-zero port listening.

Currently, I have resolved this security problem.
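
A defender-side check for the condition described in this issue, as an added example that is not part of the original post or the Doris code base: it parses `ss -ltn` output and reports TCP listeners bound to a wildcard address (`0.0.0.0`, `[::]` or `*`). The sample output is constructed (only port 9030 and 10.11.22.33 come from the issue; the other ports are arbitrary), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of `ss -ltn` output. Only 9030 and 10.11.22.33 appear in
# the issue; the remaining ports and addresses are made up for illustration.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:9030       0.0.0.0:*
LISTEN 0      128    10.11.22.33:8030   0.0.0.0:*
LISTEN 0      128    [::]:9020          [::]:*
LISTEN 0      128    *:9010             *:*
LISTEN 0      128    127.0.0.1:8040     0.0.0.0:*
"""


def split_local(field):
    """Split ss's 'addr:port' field, handling bracketed IPv6 and %iface scopes."""
    host, _, port = field.rpartition(":")
    host = host.strip("[]").split("%")[0]
    return host, int(port)


def is_wildcard(host):
    """True for 0.0.0.0, ::, or the '*' that ss prints for dual-stack sockets."""
    if host == "*":
        return True
    try:
        return ipaddress.ip_address(host).is_unspecified
    except ValueError:
        return False


def wildcard_listeners(ss_output):
    """Return sorted (port, local_address) pairs bound to all interfaces."""
    found = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue  # skips the header row and any non-listening sockets
        host, port = split_local(cols[3])
        if is_wildcard(host):
            found.append((port, cols[3]))
    return sorted(found)


if __name__ == "__main__":
    for port, local in wildcard_listeners(SAMPLE_SS_OUTPUT):
        print(f"port {port} listens on all interfaces ({local})")
```

On a live host, pass the captured text of `ss -ltn` to `wildcard_listeners` in place of the constructed sample.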
