mirror of
https://gitlab.freedesktop.org/dbus/dbus.git
synced 2026-02-05 19:20:29 +01:00
dbus-daemon(1): Recommend requiring EXTERNAL on non-Windows OSs
This is the default, and blocks TCP-based attacks by making the attacker fail to authenticate (while also preventing inadvisable TCP-based configurations from working). Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004 Signed-off-by: Simon McVittie <smcv@collabora.com> Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de> Reviewed-by: Philip Withnall <withnall@endlessm.com>
This commit is contained in:
Simon McVittie
parent
5d36804867
commit
aef4475939
1 changed files with 4 additions and 0 deletions
|
|
@ -491,6 +491,10 @@ exist, then all known mechanisms are allowed. If there are multiple
|
|||
<auth> elements, all the listed mechanisms are allowed. The order in
|
||||
which mechanisms are listed is not meaningful.</para>
|
||||
|
||||
<para>On non-Windows operating systems, allowing only the
|
||||
<literal>EXTERNAL</literal> authentication
|
||||
mechanism is strongly recommended. This is the default for the
|
||||
well-known system bus and for the well-known session bus.</para>
|
||||
|
||||
<para>Example: <auth>EXTERNAL</auth></para>
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue