From b3b1d94a0f757d2803d3b863994d64e0f830a9bc Mon Sep 17 00:00:00 2001
From: Jay Graber <jay@z.cash>
Date: Wed, 19 Oct 2016 18:53:24 -0700
Subject: [PATCH] Document RPC interface security assumptions in
 security-warnings.md

---
 doc/security-warnings.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/doc/security-warnings.md b/doc/security-warnings.md
index 5b9ede691..42f5e9bc1 100644
--- a/doc/security-warnings.md
+++ b/doc/security-warnings.md
@@ -44,6 +44,11 @@ The REST interface is a feature inherited from upstream Bitcoin.  By default,
 it is disabled. We do not recommend you enable it until it has undergone a
 security review.
 
+RPC Interface
+---------------
+
+If the client knows the RPC password, they have full access to the node. Users should choose a strong RPC password, and refrain from changing the default setting that only allows RPC connections from localhost. A remote host would enable a MITM to execute arbitrary RPC commands. For multi-user services that use one or more zcashd instances on the backend, the parameters passed in by users should be controlled to prevent confused-deputy attacks which could spend from any keys held by that zcashd.
+
 Block Chain Reorganizations
 ----------------------------