net, net/netip: document the lack of security properties of IsPrivate

IsPrivate reports whether an address is in one of the address blocks
reserved for private use. This is not a security property of an address.
Add some additional text to hopefully make this clearer.

Change-Id: Ib34e67947095fe256b305e429da185707aca039b
Reviewed-on: https://go-review.googlesource.com/c/go/+/583935
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Sean Liao <sean@liao.dev>

src/net/ip.go

@@ -132,6 +132,10 @@ func (ip IP) IsLoopback() bool {
 
 // IsPrivate reports whether ip is a private address, according to
 // RFC 1918 (IPv4 addresses) and RFC 4193 (IPv6 addresses).
+// That is, it reports whether ip is in 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, or fc00::/7.
+//
+// IsPrivate does not describe a security property of addresses,
+// and should not be used for access control.
 func (ip IP) IsPrivate() bool {
 	if ip4 := ip.To4(); ip4 != nil {
 		// Following RFC 1918, Section 3. Private Address Space which says:

src/net/netip/netip.go

@@ -637,6 +637,9 @@ func (ip Addr) IsGlobalUnicast() bool {
 // (IPv4 addresses) and RFC 4193 (IPv6 addresses). That is, it reports whether
 // ip is in 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, or fc00::/7. This is the
 // same as [net.IP.IsPrivate].
+//
+// IsPrivate does not describe a security property of addresses,
+// and should not be used for access control.
 func (ip Addr) IsPrivate() bool {
 	if ip.Is4In6() {
 		ip = ip.Unmap()