From ebb615e67a457b779e7f6eb526f36564877d5832 Mon Sep 17 00:00:00 2001
From: Timothy <timothyhobbs@seznam.cz>
Date: Mon, 16 Jun 2014 13:41:09 +0000
Subject: [PATCH] Document the potential insecurity of --net host

Docker-DCO-1.1-Signed-off-by: Timothy <timothyhobbs@seznam.cz> (github: https://github.com/timthelion)
Upstream-commit: 12be909528e64c8d8db537ac1606248413862ec6
Component: cli
---
 components/cli/docs/sources/reference/run.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/components/cli/docs/sources/reference/run.md b/components/cli/docs/sources/reference/run.md
index 665eac0e29..5cb050c025 100644
--- a/components/cli/docs/sources/reference/run.md
+++ b/components/cli/docs/sources/reference/run.md
@@ -152,7 +152,7 @@ Supported networking modes are:
 
 * none - no networking in the container
 * bridge - (default) connect the container to the bridge via veth interfaces
-* host - use the host's network stack inside the container
+* host - use the host's network stack inside the container.  Note: This gives the container full access to local system services such as D-bus and is therefore considered insecure.
 * container - use another container's network stack
 
 #### Mode: none