dbus-daemon(1): Recommend against remote TCP for debugging

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
[smcv: Add a TODO comment as suggested]
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit cf47380641aac0e5b40694b0ae09ffb85ec4b5fc)

diff --git a/doc/dbus-daemon.1.xml.in b/doc/dbus-daemon.1.xml.in
index 891fbfb0fdd38c5c7f6e119c6f74946710fedf23..094389dfc15024a094ebacd64a08b40a26c06db5 100644 (file)
--- a/doc/dbus-daemon.1.xml.in
+++ b/doc/dbus-daemon.1.xml.in
@@ -415,6 +415,16 @@ a transport name plus possible parameters/options.</para>
   configuring the well-known system bus or the well-known session
   bus to listen on a non-loopback TCP address is insecure.
 </para>
+<para>
+  Developers are sometimes tempted to use remote TCP as a debugging
+  tool. However, if this functionality is left enabled in finished
+  products, the result will be dangerously insecure. Instead of
+  using remote TCP, developers should <ulink
+    url="https://lists.freedesktop.org/archives/dbus/2018-April/017447.html"
+    >relay connections via Secure Shell or a similar protocol</ulink>.
+  <!-- TODO: Ideally someone would write a more formal guide to
+       remote D-Bus debugging, and we could link to that instead -->
+</para>
 
 <para>Example: &lt;listen&gt;unix:path=/tmp/foo&lt;/listen&gt;</para>