Comment by mr_toad

> The notion that some random app can just spin up a server on localhost without my permission is completely insane.

As far as I know any desktop app (userland code) can listen on a non-privileged port without permissions, on any desktop OS.

I’ve seen a few programs (like R) run web servers to provide documentation (although, the server only ran temporarily).