From 30f4fc6963e5793368713897f32afd2172dc1578 Mon Sep 17 00:00:00 2001
From: Lukas Larsson <lukas@erlang.org>
Date: Thu, 18 May 2017 16:11:11 +0200
Subject: otp: Extend secure distribution docs warnings

Warnings have been added to the relevant documentation
about not using un-secure distributed nodes in exposed
environments.
---
 lib/kernel/doc/src/net_kernel.xml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'lib')

diff --git a/lib/kernel/doc/src/net_kernel.xml b/lib/kernel/doc/src/net_kernel.xml
index 4e2b0c69db..7ddb849824 100644
--- a/lib/kernel/doc/src/net_kernel.xml
+++ b/lib/kernel/doc/src/net_kernel.xml
@@ -64,6 +64,19 @@ $ <input>erl -sname foobar</input></pre>
       by the magic cookie system, see section
       <seealso marker="doc/reference_manual:distributed">Distributed Erlang</seealso>
       in the Erlang Reference Manual.</p>
+    <warning>
+      <p>
+        Starting a distributed node without also specifying
+        <seealso marker="erts:erl#proto_dist"><c>-proto_dist inet_tls</c></seealso>
+        will expose the node to attacks that may give the attacker
+        complete access to the node and in extension the cluster.
+        When using un-secure distributed nodes, make sure that the
+        network is configured to keep potential attackers out.
+        See the <seealso marker="ssl:ssl_distribution">
+        Using SSL for Erlang Distribution</seealso> User's Guide
+        for details on how to setup a secure distributed node.
+      </p>
+    </warning>
   </description>
 
   <funcs>
-- 
cgit v1.2.3