mirror of
https://gitlab.freedesktop.org/dbus/dbus.git
synced 2026-02-05 08:50:26 +01:00
dbus-daemon(1): Recommend requiring EXTERNAL on non-Windows OSs
This is the default, and blocks TCP-based attacks by making the
attacker fail to authenticate (while also preventing inadvisable
TCP-based configurations from working).
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
(cherry picked from commit aef4475939)
This commit is contained in:
Simon McVittie
parent
682ab5e564
commit
a3a37f8bc2
1 changed files with 4 additions and 0 deletions
|
|
@ -491,6 +491,10 @@ exist, then all known mechanisms are allowed. If there are multiple
|
|||
<auth> elements, all the listed mechanisms are allowed. The order in
|
||||
which mechanisms are listed is not meaningful.</para>
|
||||
|
||||
<para>On non-Windows operating systems, allowing only the
|
||||
<literal>EXTERNAL</literal> authentication
|
||||
mechanism is strongly recommended. This is the default for the
|
||||
well-known system bus and for the well-known session bus.</para>
|
||||
|
||||
<para>Example: <auth>EXTERNAL</auth></para>
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue