doc: revise inspect security info in cli.md

Revise inspect security information in cli.md.

* Reword sentence for brevity.
* Use bulleted list for clarity of options.
* Eliminate personal pronoun (_you_) per style guide.

PR-URL: https://github.com/nodejs/node/pull/25779
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
This commit is contained in:
Rich Trott
2019-01-28 16:07:31 -08:00
parent d34671ab79
commit 6ab0d56a59

@@ -246,9 +246,10 @@ Binding the inspector to a public IP (including `0.0.0.0`) with an open port is
insecure, as it allows external hosts to connect to the inspector and perform
a [remote code execution][] attack.
If you specify a host, make sure that at least one of the following is true:
either the host is not public, or the port is properly firewalled to disallow
unwanted connections.
If specifying a host, make sure that either:
* The host is not accessible from public networks.
* A firewall disallows unwanted connections on the port.
**More specifically, `--inspect=0.0.0.0` is insecure if the port (`9229` by
default) is not firewall-protected.**
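
Review bot: The new lead-in "If specifying a host, make sure that either:" is followed by two bullets with no conjunction, so it no longer states outright that satisfying one condition is enough, which the removed wording ("at least one of the following is true") did. Since this paragraph is the security guidance for binding the inspector to a public address, consider keeping the explicit form, for example "make sure that at least one of the following is true:", or ending the first bullet with ", or". The bulleted options themselves read more clearly than the old run-on sentence.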