From f81cc485c64f26bbb699e948c655bd036f8d103c Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Wed, 19 Feb 2020 15:01:45 +0100
Subject: [PATCH] Note that access to certificate-directory and ca-directory
 should be limited

... to Privoxy and the Privoxy admin.
---
 doc/source/p-config.sgml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/doc/source/p-config.sgml b/doc/source/p-config.sgml
index 5a5a241d..877cbdf0 100644
--- a/doc/source/p-config.sgml
+++ b/doc/source/p-config.sgml
@@ -3945,6 +3945,10 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t</title>
     CA key, the CA certificate and the trusted CAs file
     are located.
    </para>
+   <para>
+    The permissions should only let &my-app; and the  &my-app;
+    admin access the directory.
+   </para>
   </listitem>
  </varlistentry>
  <varlistentry>
@@ -4182,6 +4186,10 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t</title>
     This directive specifies the directory where generated
     TLS/SSL keys and certificates are saved.
    </para>
+   <para>
+    The permissions should only let &my-app; and the  &my-app;
+    admin access the directory.
+   </para>
   </listitem>
  </varlistentry>
  <varlistentry>
-- 
2.39.2