$NetBSD: patch-ad,v 1.3 2008/10/24 13:25:50 gdt Exp $

Don't expose position via INADDR_ANY by default.  Security fix for
http://developer.berlios.de/bugs/?func=detailbug&bug_id=14707&group_id=2116

--- gpsd.xml.orig	2008-01-21 13:35:31.000000000 -0500
+++ gpsd.xml
@@ -20,6 +20,7 @@
   <command>gpsd</command>  
       <arg choice='opt'>-f <replaceable>GPS-devicename</replaceable></arg>
       <arg choice='opt'>-F <replaceable>control-socket</replaceable></arg>
+      <arg choice='opt'>-G </arg>
       <!-- arg choice='opt'>-R
       <replaceable>rtcm-listener-port</replaceable></arg -->
       <arg choice='opt'>-S <replaceable>listener-port</replaceable></arg>
@@ -107,6 +108,12 @@ commands that edit the daemon's internal
 clients.</para></listitem>
 </varlistentry -->
 <varlistentry>
+<term>-G</term>
+<listitem><para>If present, listen for connections from other
+systems.  Otherwise, listen only for connections from this system.
+</para></listitem>
+</varlistentry>
+<varlistentry>
 <term>-S</term>
 <listitem><para>Set TCP/IP port on which to listen for GPSD clients 
 (default is 2947).</para></listitem>
@@ -871,6 +878,12 @@ will not attempt to document this interf
 </refsect1>
 <refsect1 id='security'><title>SECURITY AND PERMISSIONS ISSUES</title> 
 
+<para><application>gpsd</application>, if given the -G flag, will
+listen for connections from any reachable host, and then disclose the
+current position.  Before using the -G flag, consider whether you
+consider your computer's location to be sensitive data to be kept
+private or something that you wish to publish.</para>
+
 <para><application>gpsd</application> must start up as root in order
 to open the NTPD shared-memory segment, open its logfile, and create
 its local control socket.  Before doing any processing of GPS data, it
