Joe Julian (joe) reports:
Any host, whether a peer member or not, can use the remote-host command to
gain access to the trusted peer group.
The remote host can peer probe itself, modify the volume, set up geo-rep to a
3rd party, etc.
Network security is not enough. Take, for instance, a storage-as-a-service
model where you allow untrusted users to mount volumes. Since they need access
to 24007 to retrieve their volume configuration, they can also issue
remote-host commands.