RPC whitelist file (only RPC commands in this file can run) #1421
https://github.com/BitShares/bitshares/issues/1421Short story short ...
RPC is the communication portal between the BitShares Client and other applications .
Use the RPC port / username /pass , you can essentially do whatever you want with a wallet .
For some applications , like home computer working with a remote wallet using RPC port , and if the bad guy controls the port , then he controls the wallet with all the function available , like transfer , vote , etc ...
But with Whitelist , if the RPC command was not enabled in the whitelist file , then the bad guys can't excute the specific RPC command even with full control of the RPC port .