X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=afs.c;h=d5afc6d9eb12eb731fecfdb8209bcd150e0e01cd;hp=46af53f8b81e78d41d25a12200c5888f6171198f;hb=4a7535aa8ed90a598d8a932adc61fe6009ebbd01;hpb=030a9d5c9fe28328d5db977bf2c8ddbf7302673d

diff --git a/afs.c b/afs.c
index 46af53f8..d5afc6d9 100644
--- a/afs.c
+++ b/afs.c
@@ -97,10 +97,11 @@ static char *current_mop; /* mode or playlist specifier. NULL means dummy mood *
 /**
  * A random number used to "authenticate" the connection.
  *
- * para_server picks this number by random before forking the afs process.  The
- * command handlers write this number together with the id of the shared memory
- * area containing the query. This way, a malicious local user has to know this
- * number to be able to cause the afs process to crash by sending fake queries.
+ * para_server picks this number by random before it forks the afs process. The
+ * command handlers know this number as well and write it to the afs socket,
+ * together with the id of the shared memory area which contains the payload of
+ * the afs command. A local process has to know this number to abuse the afs
+ * service provided by the local socket.
  */
 extern uint32_t afs_socket_cookie;