diff options
author | Sébastien Helleu <flashcode@flashtux.org> | 2019-03-11 20:49:35 +0100 |
---|---|---|
committer | Sébastien Helleu <flashcode@flashtux.org> | 2019-03-11 21:12:23 +0100 |
commit | 92e176ab895b9fdb5f15e3b3ade369c61cbb203f (patch) | |
tree | 119fb4bf4abe276e2e3cc55b76b71fd649046331 /doc/en | |
parent | e44c4904c3b6c36b38131e678f7710401550fbe4 (diff) | |
download | weechat-92e176ab895b9fdb5f15e3b3ade369c61cbb203f.zip |
relay: use empty value by default for option relay.weechat.commands (issue #928)
The relay client is supposed to be safe by default, and the relay connection
should be protected by the different ways (restriction on IP address, SSL,
strong password, Time-based One-Time Password, local bind address and use of
SSH tunnel…).
So this option lets the user add extra security by allowing only some
commands (whitelist), or allowing any commands except a list of given
commands (blacklist).
Diffstat (limited to 'doc/en')
-rw-r--r-- | doc/en/autogen/user/relay_options.adoc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/en/autogen/user/relay_options.adoc b/doc/en/autogen/user/relay_options.adoc index a977e270c..f3ae28135 100644 --- a/doc/en/autogen/user/relay_options.adoc +++ b/doc/en/autogen/user/relay_options.adoc @@ -183,7 +183,7 @@ ** default value: `+""+` * [[option_relay.weechat.commands]] *relay.weechat.commands* -** description: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default some commands are not allowed (they could lead to denial of service or remote code execution if the client is not trusted)] +** description: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; this option should be set if the relay client is not safe (someone could use it to run commands); for example "*,!exec,!quit" allows any command except /exec and /quit] ** type: string ** values: any string -** default value: `+"*,!exec,!fset,!guile,!javascript,!lua,!perl,!php,!plugin,!python,!quit,!repeat,!ruby,!script,!secure,!set,!tcl,!unset,!upgrade,!wait"+` +** default value: `+""+` |