diff options
author | Simon McVittie <smcv@collabora.com> | 2018-04-12 13:57:26 +0100 |
---|---|---|
committer | Simon McVittie <smcv@collabora.com> | 2018-04-25 16:48:12 +0100 |
commit | c1c9ecaa8a3d6a23fa9eae71d37eafacb9c9b975 (patch) | |
tree | b5aa550964ed46c252857c35af0b59f94bfcccbb | |
parent | 9bd0256f32c62c3eb5b5a2bff2bee975f0e1e36d (diff) | |
download | dbus-c1c9ecaa8a3d6a23fa9eae71d37eafacb9c9b975.tar.gz |
dbus-daemon(1): Recommend against remote TCP for debugging
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
[smcv: Add a TODO comment as suggested]
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit cf47380641aac0e5b40694b0ae09ffb85ec4b5fc)
-rw-r--r-- | doc/dbus-daemon.1.xml.in | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/dbus-daemon.1.xml.in b/doc/dbus-daemon.1.xml.in index 891fbfb0..094389df 100644 --- a/doc/dbus-daemon.1.xml.in +++ b/doc/dbus-daemon.1.xml.in @@ -415,6 +415,16 @@ a transport name plus possible parameters/options.</para> configuring the well-known system bus or the well-known session bus to listen on a non-loopback TCP address is insecure. </para> +<para> + Developers are sometimes tempted to use remote TCP as a debugging + tool. However, if this functionality is left enabled in finished + products, the result will be dangerously insecure. Instead of + using remote TCP, developers should <ulink + url="https://lists.freedesktop.org/archives/dbus/2018-April/017447.html" + >relay connections via Secure Shell or a similar protocol</ulink>. + <!-- TODO: Ideally someone would write a more formal guide to + remote D-Bus debugging, and we could link to that instead --> +</para> <para>Example: <listen>unix:path=/tmp/foo</listen></para> |