Like mentioned in #15864 (comment), exposing the API socket to tasks by default increases the attack surface for malicious actors. Especially for operators not needing the API socket, it would be great to be able to disable it (truth be told, it should be disabled by default).
In an ideal world I think we might wanna have the following:
A toggle in the jobspec to activate the socket for a task.
Maybe even a flag in the client config to disallow it for certain clients; not sure how much that would offer since I assume operators (i.e. those who can create and configure the namespaces) need to be trustworthy anyways.
Hi @apollo13 and thanks for raising this issue and I appreciate the detail around control possibilities. This is something we probably need to discuss a little more to come up with a solution with an ideal UX, but I certainly think it's a good idea.
Like mentioned in #15864 (comment), exposing the API socket to tasks by default increases the attack surface for malicious actors. Especially for operators not needing the API socket, it would be great to be able to disable it (truth be told, it should be disabled by default).
In an ideal world I think we might wanna have the following:
nomad_api = true|false to namespace apply like we do for task drivers (https://developer.hashicorp.com/nomad/docs/commands/namespace/apply)