From c7145425119b5384941b7f4e43c6307f9bc2fd90 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Thu, 12 Apr 2018 14:08:08 +0100
Subject: [PATCH 8/9] dbus-daemon(1): Put some scary warnings on
 <allow_anonymous/>

I'm far from convinced that this option should even *exist*, but it
should definitely be documented as a very bad thing.

Signed-off-by: Simon McVittie <smcv@collabora.com>
---
 doc/dbus-daemon.1.xml.in | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/doc/dbus-daemon.1.xml.in b/doc/dbus-daemon.1.xml.in
index 29f8c259..474dd3a7 100644
--- a/doc/dbus-daemon.1.xml.in
+++ b/doc/dbus-daemon.1.xml.in
@@ -386,6 +386,13 @@ mechanism will be authorized to connect. This option has no practical
 effect unless the ANONYMOUS mechanism has also been enabled using the
 <emphasis remap='I'>&lt;auth&gt;</emphasis> element, described below.</para>
 
+<para>Using this directive in the configuration of the well-known
+  system bus or the well-known session bus will make that bus insecure
+  and should never be done. Similarly, on custom bus types, using this
+  directive will usually make the custom bus insecure, unless its
+  configuration has been specifically designed to prevent anonymous
+  users from causing damage or escalating privileges.</para>
+
 <itemizedlist remap='TP'>
 
   <listitem><para><emphasis remap='I'>&lt;listen&gt;</emphasis></para></listitem>
-- 
2.17.0