Warn on potentially insecure inspector options (--inspect=0.0.0.0)

[ChALkeR]

Extracted from #21774.

Inspector by default is bound to 127.0.0.1, but suggestion to launch it with --inspect=0.0.0.0 is highly copy-pasted without proper understanding what it does. I've observed that personally in chats, also see google.

Binding inspector to 0.0.0.0 (in fact, to anything but the loopback interface ip) allows RCE, which could be catastrophic in cases where the IP is public. The users should be informed of that.

A warning printed to the console (with corresponding documentation change) should at least somewhat mitigate this.

Note: the doc change and the c++ change can come separately.

[nik72619c]

can I work on this one ?

[ChALkeR]

@nik72619c Sure!

Documentation change is in #23640, the warning part is free to be taken atm.

I was thinking about:

1. Making a function to determine if the specified IPv4 is either (1) loopback, (2) private, or (3) public.
2. If the user specifies a host, it's resolved to an address.
3. Once we have the address, pass it through the function from part 1. Loopback (1) does not need any warning, and the private (2) and public (3) addresses probably need slightly different warnings, with a link to the doc from doc: inspector security warning for changing host to a public IP #23640 (once that lands).

Loopback: 127.0.0.0 — 127.255.255.255.
Private: 10.0.0.0 – 10.255.255.255, 172.16.0.0 – 172.31.255.255, 192.168.0.0 – 192.168.255.255
Public: everything else, mostly.

There are more special address blocks, but those are unlikely to be observed, so just falling back to «public» and printing a corresponding warning should be fine imo.

I can mentor that.

[slonka]

@nik72619c are you still working on this? If not I'm happy to take over.