[FLINK-36889] Mention locking down a Flink cluster in the 'Production Readiness Checklist'

[Samrat002]

What is the purpose of the change

Add a note section in Production Readiness Checklist on flink security

Brief change log

just a doc update

Verifying this change

validate markdown file is rendered properly

Does this pull request potentially affect one of the following parts:

N/A

Documentation

• Does this pull request introduce a new feature? (yes / no) no
• If yes, how is the feature documented? (not applicable / docs / JavaDocs / not documented)

[flinkbot]

CI report:

• ed34990 Azure: SUCCESS

Bot commands

The @flinkbot bot supports the following commands:

• @flinkbot run azure re-run the last Azure build

[davidradl]

it seems very restrictive to say Flink clusters should not be exposed to the company intranet. If they are locked down with TLS and appropriate authentication - this could be acceptable, rather than having to have its own network to run Flink. We could have a statement around TLS and better still mTLS for all connections.

[Samrat002]

Thank you @davidradl.

i have incorporated your suggestion. Please review whenever time

[davidradl]

Reviewed by Chi on 12/12/24. Asked submitter questions

[Samrat002]

@rmetzger Please review whenever time

[rmetzger]

I think the language here can be more explicit. Arbitrary code execution is not a potential vulnerability.
Flink has been designed for arbitrary, remote code execution -- it is not an accident ;)
Check also this FAQ entry for how we've worded this in the past: https://flink.apache.org/what-is-flink/security/#during-a-security-analysis-of-flink-i-noticed-that-flink-allows-for-remote-code-execution-is-this-an-issue