summaryrefslogtreecommitdiff
path: root/doc/en
diff options
context:
space:
mode:
authorSébastien Helleu <flashcode@flashtux.org>2019-03-11 20:49:35 +0100
committerSébastien Helleu <flashcode@flashtux.org>2019-03-11 21:12:23 +0100
commit92e176ab895b9fdb5f15e3b3ade369c61cbb203f (patch)
tree119fb4bf4abe276e2e3cc55b76b71fd649046331 /doc/en
parente44c4904c3b6c36b38131e678f7710401550fbe4 (diff)
downloadweechat-92e176ab895b9fdb5f15e3b3ade369c61cbb203f.zip
relay: use empty value by default for option relay.weechat.commands (issue #928)
The relay client is supposed to be safe by default, and the relay connection should be protected by the different ways (restriction on IP address, SSL, strong password, Time-based One-Time Password, local bind address and use of SSH tunnel…). So this option lets the user add extra security by allowing only some commands (whitelist), or allowing any commands except a list of given commands (blacklist).
Diffstat (limited to 'doc/en')
-rw-r--r--doc/en/autogen/user/relay_options.adoc4
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/en/autogen/user/relay_options.adoc b/doc/en/autogen/user/relay_options.adoc
index a977e270c..f3ae28135 100644
--- a/doc/en/autogen/user/relay_options.adoc
+++ b/doc/en/autogen/user/relay_options.adoc
@@ -183,7 +183,7 @@
** default value: `+""+`
* [[option_relay.weechat.commands]] *relay.weechat.commands*
-** description: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)]
+** description: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; this option should be set if the relay client is not safe (someone could use it to run commands); for example "*,!exec,!quit" allows any command except /exec and /quit]
** type: string
** values: any string
-** default value: `+"*,!exec,!fset,!guile,!javascript,!lua,!perl,!php,!plugin,!python,!quit,!repeat,!ruby,!script,!secure,!set,!tcl,!unset,!upgrade,!wait"+`
+** default value: `+""+`