Description
Security WG of EEF flagged the issue of EPMD binding to non-localhost interfaces. I think adding their suggestion of:
-env ERL_EPMD_ADDRESS "127.0.0.1"
-kernel inet_dist_use_interface '{127, 0, 0, 1}'
to vm.args template makes sense.
We'll still just rely on the user setting ERL_DIST_PORT to automatically disable boot of epmd and set a static port for distribution.
Only worry is, now that I think more about it, it is sort of a breaking change more than I was thinking. Now people who expect the defaults to work for deploying a cluster will discover they have to make changes.
I was mainly thinking I wanted a) not to remove -sname/-name from the defaults so the remote console continued to work and b) for local dev of a release to not have any issues.
Not sure if we want a relx 5.0 just for this... Or just do it in a minor release.