From 6ab0d56a5997a5e45b5cf2fd25015bbf20d042a7 Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Mon, 28 Jan 2019 16:07:31 -0800 Subject: [PATCH] doc: revise inspect security info in cli.md Revise inspect security information in cli.md. * Reword sentence for brevity. * Use bulleted list for clarity of options. * Eliminate personal pronoun (_you_) per style guide. PR-URL: https://github.com/nodejs/node/pull/25779 Reviewed-By: Vse Mozhet Byt Reviewed-By: Colin Ihrig Reviewed-By: Richard Lau Reviewed-By: James M Snell Reviewed-By: Anna Henningsen --- doc/api/cli.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/doc/api/cli.md b/doc/api/cli.md index 857f7de6ce7ca8..0551f7ebb88f8e 100644 --- a/doc/api/cli.md +++ b/doc/api/cli.md @@ -246,9 +246,10 @@ Binding the inspector to a public IP (including `0.0.0.0`) with an open port is insecure, as it allows external hosts to connect to the inspector and perform a [remote code execution][] attack. -If you specify a host, make sure that at least one of the following is true: -either the host is not public, or the port is properly firewalled to disallow -unwanted connections. +If specifying a host, make sure that either: + +* The host is not accessible from public networks. +* A firewall disallows unwanted connections on the port. **More specifically, `--inspect=0.0.0.0` is insecure if the port (`9229` by default) is not firewall-protected.**
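Review bot: In the added lines of the doc/api/cli.md hunk, "make sure that either:" followed by two bullets with no "or" drops the explicit "at least one of the following is true" wording of the removed sentence. A reader can take the list as two separate requirements or as mutually exclusive alternatives, and for a security warning the condition should be unambiguous. Suggest keeping the bullets but introducing them with "make sure that at least one of the following is true:", or ending the first bullet with ", or". The second bullet could also say which port it means, since the default `9229` is only named in the bold sentence that follows the list.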