From 30f4fc6963e5793368713897f32afd2172dc1578 Mon Sep 17 00:00:00 2001
From: Lukas Larsson
Date: Thu, 18 May 2017 16:11:11 +0200
Subject: otp: Extend secure distribution docs warnings
Warnings have been added to the relevant documentation
about not using un-secure distributed nodes in exposed
environments.
---
lib/kernel/doc/src/net_kernel.xml | 13 +++++++++++++
1 file changed, 13 insertions(+)
(limited to 'lib/kernel/doc')
diff --git a/lib/kernel/doc/src/net_kernel.xml b/lib/kernel/doc/src/net_kernel.xml
index 4e2b0c69db..7ddb849824 100644
--- a/lib/kernel/doc/src/net_kernel.xml
+++ b/lib/kernel/doc/src/net_kernel.xml
@@ -64,6 +64,19 @@ $ erl -sname foobar
by the magic cookie system, see section
Distributed Erlang
in the Erlang Reference Manual.
+
+
+ Starting a distributed node without also specifying
+ -proto_dist inet_tls
+ will expose the node to attacks that may give the attacker
+ complete access to the node and in extension the cluster.
+ When using un-secure distributed nodes, make sure that the
+ network is configured to keep potential attackers out.
+ See the
+ Using SSL for Erlang Distribution User's Guide
+ for details on how to setup a secure distributed node.
+