From f5a19f6328d04e3f5d68554aa59408e45ad03b5d Mon Sep 17 00:00:00 2001
From: wm4 <wm4@nowhere>
Date: Fri, 17 Oct 2014 23:01:38 +0200
Subject: manpage: ipc: explain security implications

It's kind of obvious, since the protocol by design has to allow you to
read (loadfile) and write (screenshot_to) random files, but better
make it explicit so that nobody accidentally does something insecure.
---
 DOCS/man/ipc.rst | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'DOCS/man')

diff --git a/DOCS/man/ipc.rst b/DOCS/man/ipc.rst
index b488cd738c..83aa018b03 100644
--- a/DOCS/man/ipc.rst
+++ b/DOCS/man/ipc.rst
@@ -6,6 +6,14 @@ can be enabled by specifying the path to a unix socket using the option
 ``--input-unix-socket``. Clients can connect to this socket and send commands to
 the player or receive events from it.
 
+.. warning::
+
+    This is not intended to be a secure network protocol. It is explicitly
+    insecure: there is no authentication, no encryption, and the commands
+    themselves are insecure too. For example, the ``run`` command is exposed,
+    which can run arbitrary system commands. The use-case is controlling the
+    player locally. This is not different from the MPlayer slave protocol.
+
 Protocol
 --------
 
-- 
cgit v1.2.3