doc: revise inspect security info in cli.md

Revise inspect security information in cli.md. * Reword sentence for brevity. * Use bulleted list for clarity of options. * Eliminate personal pronoun (_you_) per style guide. PR-URL: #25779 Reviewed-By: Vse Mozhet Byt <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
nodejs · Feb 1, 2019 · accb8ae · accb8ae
1 parent fd98d62
commit accb8ae
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/doc/api/cli.md b/doc/api/cli.md
@@ -246,9 +246,10 @@ Binding the inspector to a public IP (including `0.0.0.0`) with an open port is
 insecure, as it allows external hosts to connect to the inspector and perform
 a [remote code execution][] attack.
 
-If you specify a host, make sure that at least one of the following is true:
-either the host is not public, or the port is properly firewalled to disallow
-unwanted connections.
+If specifying a host, make sure that either:
+
+* The host is not accessible from public networks.
+* A firewall disallows unwanted connections on the port.
 
 **More specifically, `--inspect=0.0.0.0` is insecure if the port (`9229` by
 default) is not firewall-protected.**