Security
Use in trusted environments with explicit
boundaries.
Recommended deployment
-
keep the default localhost binding when possible
-
put the service behind HTTPS when exposed over a
network
- use a strong password
-
restrict access through a trusted proxy, VPN, or
firewall
-
avoid running with more privileges than
necessary
Scope
-
intended for trusted local or private-network
administration
-
not a hardened privileged access management
system
- not a multi-tenant terminal service
-
not a substitute for audited identity-aware
infrastructure