Commit ee0e42ae authored by Simon McVittie's avatar Simon McVittie

Update NEWS

parent aef44759
......@@ -11,6 +11,12 @@ Dependencies:
Enhancements:
• D-Bus Specification v0.32
· Be clearer about the security properties of TCP transports, which
have no integrity or confidentiality protection and so should not
normally be used, except via the loopback interface on Windows
(fd.o #106004, Simon McVittie)
• On Linux 4.13 or later, <policy group="…"> now uses the SO_PEERGROUPS
credentials-passing socket option to get the effective group IDs
of the initiator of the connection. On platforms where that socket
......@@ -38,6 +44,11 @@ Enhancements:
The Devhelp documentation index is now in version 2 format
(fd.o #106186, Simon McVittie)
Give the dbus-daemon man page some scarier warnings about
<allow_anonymous/>, which is insecure and should not be used,
particularly for the standard system and session buses
(fd.o #106004, Simon McVittie)
Fixes:
Listening on TCP sockets copes better with IPv6 being disabled
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment