From 10aaf5c8fbe9aab8e27b741feb3370f29db42b54 Mon Sep 17 00:00:00 2001 From: Timo Hirvonen Date: Fri, 27 Jul 2007 16:09:29 +0300 Subject: [PATCH] Add warnings about insecurity of using TCP/IP --- Doc/cmus.txt | 7 ++++++- main.c | 1 + ui_curses.c | 1 + 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/Doc/cmus.txt b/Doc/cmus.txt index 03ad75b..6cc197f 100644 --- a/Doc/cmus.txt +++ b/Doc/cmus.txt @@ -20,9 +20,14 @@ it can be controlled from the outside via *cmus-remote*(1). --listen ADDR Listen to ADDR (UNIX socket) instead of `/tmp/cmus-$USER`. + ADDR is either a UNIX socket or host[:port]. + + *WARNING*: Using host[:port] is insecure even with password! + It might be useful though in LAN if you want multiple local users to + able to control cmus. Never make cmus listen to the internet. NOTE: Don't use this option to run multiple instances as same user. - That would corrupt track metadata cache. + That would corrupt the track metadata cache. --plugins List available plugins and exit. diff --git a/main.c b/main.c index a0a8bc1..b68ba25 100644 --- a/main.c +++ b/main.c @@ -201,6 +201,7 @@ static const char *usage = "\n" " --server ADDR connect using ADDR instead of ~/.cmus/socket\n" " ADDR is either a UNIX socket or host[:port]\n" +" WARNING: using TCP/IP is insecure!\n" " --passwd PASSWD password to use for TCP/IP connection\n" " --help display this help and exit\n" " --version " VERSION "\n" diff --git a/ui_curses.c b/ui_curses.c index 414e2ad..08863f9 100644 --- a/ui_curses.c +++ b/ui_curses.c @@ -2021,6 +2021,7 @@ static const char *usage = "\n" " --listen ADDR listen on ADDR instead of ~/.cmus/socket\n" " ADDR is either a UNIX socket or host[:port]\n" +" WARNING: using TCP/IP is insecure!\n" " --plugins list available plugins and exit\n" " --help display this help and exit\n" " --version " VERSION "\n" -- 2.11.4.GIT