diff options
author | Rich Trott <rtrott@gmail.com> | 2019-01-28 16:07:31 -0800 |
---|---|---|
committer | Rich Trott <rtrott@gmail.com> | 2019-01-30 21:35:10 -0800 |
commit | 6ab0d56a5997a5e45b5cf2fd25015bbf20d042a7 (patch) | |
tree | e6dc834f3bd9cf655c857831b3ccd2cd5e5e7035 /doc/api | |
parent | d34671ab7933be28586d3ef7df6515b84f6b6974 (diff) | |
download | android-node-v8-6ab0d56a5997a5e45b5cf2fd25015bbf20d042a7.tar.gz android-node-v8-6ab0d56a5997a5e45b5cf2fd25015bbf20d042a7.tar.bz2 android-node-v8-6ab0d56a5997a5e45b5cf2fd25015bbf20d042a7.zip |
doc: revise inspect security info in cli.md
Revise inspect security information in cli.md.
* Reword sentence for brevity.
* Use bulleted list for clarity of options.
* Eliminate personal pronoun (_you_) per style guide.
PR-URL: https://github.com/nodejs/node/pull/25779
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Diffstat (limited to 'doc/api')
-rw-r--r-- | doc/api/cli.md | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/api/cli.md b/doc/api/cli.md index 857f7de6ce..0551f7ebb8 100644 --- a/doc/api/cli.md +++ b/doc/api/cli.md @@ -246,9 +246,10 @@ Binding the inspector to a public IP (including `0.0.0.0`) with an open port is insecure, as it allows external hosts to connect to the inspector and perform a [remote code execution][] attack. -If you specify a host, make sure that at least one of the following is true: -either the host is not public, or the port is properly firewalled to disallow -unwanted connections. +If specifying a host, make sure that either: + +* The host is not accessible from public networks. +* A firewall disallows unwanted connections on the port. **More specifically, `--inspect=0.0.0.0` is insecure if the port (`9229` by default) is not firewall-protected.** |