# HG changeset patch # User Paul Crowley # Date 1255537923 -3600 # Node ID 5bcd5a5e422054a2d30885e8948c9d7191c1a9c8 # Parent 492bc9e536e1c8dc643aa97b2720db5591c06aec Tweak security para diff -r 492bc9e536e1 -r 5bcd5a5e4220 doc/manual.docbook --- a/doc/manual.docbook Wed Oct 14 17:30:47 2009 +0100 +++ b/doc/manual.docbook Wed Oct 14 17:32:03 2009 +0100 @@ -390,8 +390,8 @@ mercurial-server relies entirely on sshd to grant access to remote users. As a result, it runs no daemons, installs no setuid programs, and no part of it runs as root except the install process: all programs run as the user -hg. And any attack on mercurial-server can only be started if the Bad Guys -already have a public key in ~hg/.ssh/authorized_keys, +hg. Any attack on mercurial-server can only be started if the attacker +already has a public key in ~hg/.ssh/authorized_keys, otherwise sshd will bar the way.
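Review bot: In the added line "+already has a public key in ~hg/.ssh/authorized_keys," the precondition is worded as having a public key in the file, but what sshd actually checks is possession of the private key matching a listed entry. Public keys are not secret, so something like "already holds the private key for an entry in ~hg/.ssh/authorized_keys" would state the boundary more precisely. The trailing context line "otherwise sshd will bar the way." is still attached with a comma; since this paragraph is being reworded anyway, starting it with a semicolon or as a new sentence would fix the splice. The claim "can only be started" depends on sshd being the sole entry point, which the paragraph's opening sentence says, so keep the two statements together if the paragraph is reflowed later.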