From: Simon McVittie <smcv@collabora.com>
Date: Thu, 12 Apr 2018 13:08:08 +0000 (+0100)
Subject: dbus-daemon(1): Put some scary warnings on <allow_anonymous/>
X-Git-Tag: dbus-1.12.8~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=682ab5e56493232bd67ae78df0a0ce825f4f1ec4;p=thirdparty%2Fdbus.git

dbus-daemon(1): Put some scary warnings on <allow_anonymous/>

I'm far from convinced that this option should even *exist*, but it
should definitely be documented as a very bad thing.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
(cherry picked from commit 5d3680486712891c13b85c07fab629bb70f623cc)
---

diff --git a/doc/dbus-daemon.1.xml.in b/doc/dbus-daemon.1.xml.in
index 094389dfc..899cec26a 100644
--- a/doc/dbus-daemon.1.xml.in
+++ b/doc/dbus-daemon.1.xml.in
@@ -386,6 +386,13 @@ mechanism will be authorized to connect. This option has no practical
 effect unless the ANONYMOUS mechanism has also been enabled using the
 <emphasis remap='I'>&lt;auth&gt;</emphasis> element, described below.</para>
 
+<para>Using this directive in the configuration of the well-known
+  system bus or the well-known session bus will make that bus insecure
+  and should never be done. Similarly, on custom bus types, using this
+  directive will usually make the custom bus insecure, unless its
+  configuration has been specifically designed to prevent anonymous
+  users from causing damage or escalating privileges.</para>
+
 <itemizedlist remap='TP'>
 
   <listitem><para><emphasis remap='I'>&lt;listen&gt;</emphasis></para></listitem>