severity 652914 normal retitle 652914 should document how to not run xmms2d insecurely thanks
> - in the default configuration, xmms2d is secured using UNIX domain > sockets, this is reasonably secure > > - however, users may be tempted to enable TCP mode, which has no > security at all The existence of inadvisable configurations is not, in itself, a release-critical bug (confirmed by release team members on IRC). Downgrading this to a non-RC severity. > - the manual (easily found by Google) provides easy instructions to > enable TCP mode, but no warnings about security consequences > http://xmms2.org/wiki/Using_the_application Happily, this appears to be a wiki, so interested users can correct this. > - put warnings in the online documentation and add a readme file with a > security warning Patches welcome, but this is not RC. Regards, smcv at the Cambridge BSP -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

