aboutsummaryrefslogtreecommitdiffstats
path: root/system/doc/reference_manual/distributed.xml
diff options
context:
space:
mode:
authorLukas Larsson <[email protected]>2017-05-18 16:11:11 +0200
committerLukas Larsson <[email protected]>2017-05-23 14:47:04 +0200
commit30f4fc6963e5793368713897f32afd2172dc1578 (patch)
tree976e2f11cc4d200f4344ec18c2ce430add4e8dc1 /system/doc/reference_manual/distributed.xml
parent05dce0f330c83278cb134c7235a5353ce4116307 (diff)
downloadotp-30f4fc6963e5793368713897f32afd2172dc1578.tar.gz
otp-30f4fc6963e5793368713897f32afd2172dc1578.tar.bz2
otp-30f4fc6963e5793368713897f32afd2172dc1578.zip
otp: Extend secure distribution docs warnings
Warnings have been added to the relevant documentation about not using un-secure distributed nodes in exposed environments.
Diffstat (limited to 'system/doc/reference_manual/distributed.xml')
-rw-r--r--system/doc/reference_manual/distributed.xml13
1 files changed, 13 insertions, 0 deletions
diff --git a/system/doc/reference_manual/distributed.xml b/system/doc/reference_manual/distributed.xml
index 0a4a323fe9..01d78436c5 100644
--- a/system/doc/reference_manual/distributed.xml
+++ b/system/doc/reference_manual/distributed.xml
@@ -42,6 +42,19 @@
<p>The distribution mechanism is implemented using TCP/IP sockets.
How to implement an alternative carrier is described in the
<seealso marker="erts:alt_dist">ERTS User's Guide</seealso>.</p>
+ <warning>
+ <p>
+ Starting a distributed node without also specifying
+ <seealso marker="erts:erl#proto_dist"><c>-proto_dist inet_tls</c></seealso>
+ will expose the node to attacks that may give the attacker
+ complete access to the node and in extension the cluster.
+ When using un-secure distributed nodes, make sure that the
+ network is configured to keep potential attackers out.
+ See the <seealso marker="ssl:ssl_distribution">
+ Using SSL for Erlang Distribution</seealso> User's Guide
+ for details on how to setup a secure distributed node.
+ </p>
+ </warning>
</section>
<section>