This is the default, and blocks TCP-based attacks by making the
attacker fail to authenticate (while also preventing inadvisable
TCP-based configurations from working).
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=106004
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
(cherry picked from commit
aef4475939a773e1a205a71d641ea2bb6793ab92)
<auth> elements, all the listed mechanisms are allowed. The order in
which mechanisms are listed is not meaningful.</para>
+<para>On non-Windows operating systems, allowing only the
+ <literal>EXTERNAL</literal> authentication
+ mechanism is strongly recommended. This is the default for the
+ well-known system bus and for the well-known session bus.</para>
<para>Example: <auth>EXTERNAL</auth></para>