ExternalVendorCode/tahoe-lafs
1
0
Fork 0
mirror of https://github.com/tahoe-lafs/tahoe-lafs.git synced 2025-01-31 00:24:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

NEWS: caution about secret introducer.furl in world-readable tahoe.cfg

Browse Source
This commit is contained in:
Brian Warner 2013-04-25 19:14:17 -07:00
parent 7bb07fb5e2
commit 7ae630559f
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS.rst
View File

@ -32,7 +32,9 @@ Security Improvements
to generate a new FURL, delete the existing ``introducer.furl`` file and
restart it. After doing this, the ``[client]introducer.furl`` setting of
every client and server that should connect to that introducer must be
updated. (`#1802`_)
updated. Note that other users of a shared machine may be able to read
``introducer.furl`` from your ``tahoe.cfg`` file unless you configure the
file permissions to prevent them. (`#1802`_)
- Both ``introducer.furl`` and ``helper.furl`` are now censored from the
Welcome page, to prevent users of your gateway from learning enough to
create gateway nodes of their own. For existing guessable introducer