Merge branch '3542-arm-stats-socket-caution' into 'v9_16'

Provide stronger wording about the security of statistics channel

See merge request isc-projects/bind9!6795

doc/arm/reference.rst

@@ -4694,9 +4694,21 @@ If no port is specified, port 80 is used for HTTP channels. The asterisk
 Attempts to open a statistics channel are restricted by the
 optional ``allow`` clause. Connections to the statistics channel are
 permitted based on the ``address_match_list``. If no ``allow`` clause is
-present, ``named`` accepts connection attempts from any address; since
-the statistics may contain sensitive internal information, it is highly
-recommended to restrict the source of connection requests appropriately.
+present, ``named`` accepts connection attempts from any address. Since
+the statistics may contain sensitive internal information, the source of
+connection requests must be restricted appropriately so that only
+trusted parties can access the statistics channel.
+
+Gathering data exposed by the statistics channel locks various subsystems in
+``named``, which could slow down query processing if statistics data is
+requested too often.
+
+An issue in the statistics channel would be considered a security issue
+only if it could be exploited by unprivileged users circumventing the access
+control list. In other words, any issue in the statistics channel that could be
+used to access information unavailable otherwise, or to crash ``named``, is
+not considered a security issue if it can be avoided through the
+use of a secure configuration.
 
 If no ``statistics-channels`` statement is present, ``named`` does not
 open any communication channels.