Docs: Add a multi-tenant warning. (#12091)

README.md

@@ -17,6 +17,8 @@ balancer.
 
 See the [Getting Started](https://kubernetes.github.io/ingress-nginx/deploy/) document.
 
+Do not use in multi-tenant Kubernetes production installations. This project assumes that users that can create Ingress objects are administrators of the cluster. See the [FAQ](https://kubernetes.github.io/ingress-nginx/faq/#faq) for more.
+
 ## Troubleshooting
 
 If you encounter issues, review the [troubleshooting docs](docs/troubleshooting.md),

docs/deploy/hardening-guide.md

@@ -1,6 +1,8 @@
 
 # Hardening Guide
 
+Do not use in multi-tenant Kubernetes production installations. This project assumes that users that can create Ingress objects are administrators of the cluster.
+
 ## Overview
 There are several ways to do hardening and securing of nginx. In this documentation two guides are used, the guides are
 overlapping in some points:

docs/faq.md

@@ -1,6 +1,16 @@
 
 # FAQ
 
+## Multi-tenant Kubernetes
+
+Do not use in multi-tenant Kubernetes production installations. This project assumes that users that can create Ingress objects are administrators of the cluster.
+
+For example, the Ingress NGINX control plane has global and per Ingress configuration options that make it insecure, if enabled, in a multi-tenant environment. 
+
+For example, enabling snippets, a global configuration, allows any Ingress object to run arbitrary Lua code that could affect the security of all Ingress objects that a controller is running. 
+
+We changed the default to allow snippets to `false` in https://github.com/kubernetes/ingress-nginx/pull/10393.
+
 ## Multiple controller in one cluster
 
 Question - How can I easily install multiple instances of the ingress-nginx controller in the same cluster?