Commit 682ab5e5 authored by Simon McVittie's avatar Simon McVittie

dbus-daemon(1): Put some scary warnings on <allow_anonymous/>

I'm far from convinced that this option should even *exist*, but it
should definitely be documented as a very bad thing.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004Signed-off-by: Simon McVittie's avatarSimon McVittie <smcv@collabora.com>
Reviewed-by: Ralf Habacker's avatarRalf Habacker <ralf.habacker@freenet.de>
Reviewed-by: Philip Withnall's avatarPhilip Withnall <withnall@endlessm.com>
(cherry picked from commit 5d368048)
parent c1c9ecaa
......@@ -386,6 +386,13 @@ mechanism will be authorized to connect. This option has no practical
effect unless the ANONYMOUS mechanism has also been enabled using the
<emphasis remap='I'>&lt;auth&gt;</emphasis> element, described below.</para>
<para>Using this directive in the configuration of the well-known
system bus or the well-known session bus will make that bus insecure
and should never be done. Similarly, on custom bus types, using this
directive will usually make the custom bus insecure, unless its
configuration has been specifically designed to prevent anonymous
users from causing damage or escalating privileges.</para>
<itemizedlist remap='TP'>
<listitem><para><emphasis remap='I'>&lt;listen&gt;</emphasis></para></listitem>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment