LocalDNS.wtf

Security

Security policy, best practices, and known limitations for LocalDNS.wtf.

Security

Security Considerations

LocalDNS.wtf is designed with security in mind:

  • Local-only: Daemon only binds to localhost (127.0.0.1)
  • No remote access: Does not expose services to external networks
  • Process isolation: Each app runs in its own process
  • Input validation: All user inputs are validated and sanitized
  • Minimal permissions: Requires no special system privileges

Known Limitations

  • Local network exposure: If you manually configure network access, ensure proper firewall rules
  • Process management: Running user commands inherently carries some risk
  • File permissions: Registry files are stored in user's home directory

Best Practices

  1. Keep it local: Don't expose the daemon to external networks
  2. Trust your commands: Only run commands from trusted sources
  3. Regular updates: Keep LocalDNS.wtf updated to the latest version
  4. Review domains: Periodically review your registered domains

Reporting a Vulnerability

If you discover a security vulnerability, please report it responsibly:

  • Email: security@localdns.wtf
  • Response time: We aim to respond within 48 hours
  • Fix timeline: Critical issues will be addressed within 7 days

What to Include

  • Description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact assessment
  • Suggested fix (if you have one)

AI Runners

Integrate local AI runners like Ollama, LocalAI, and LM Studio with LocalDNS for seamless .local domain access and MCP configuration.

CLI Overview

Complete command-line reference for the localdns CLI tool.

On this page

SecuritySecurity ConsiderationsKnown LimitationsBest PracticesReporting a VulnerabilityWhat to Include