Note that access to certificate-directory and ca-directory should be limited

author Fabian Keil <fk@fabiankeil.de>

Wed, 19 Feb 2020 14:01:45 +0000 (15:01 +0100)

committer Fabian Keil <fk@fabiankeil.de>

Fri, 21 Feb 2020 14:57:56 +0000 (15:57 +0100)
author Fabian Keil <fk@fabiankeil.de>
Wed, 19 Feb 2020 14:01:45 +0000 (15:01 +0100)
committer Fabian Keil <fk@fabiankeil.de>
Fri, 21 Feb 2020 14:57:56 +0000 (15:57 +0100)
diff --git a/doc/source/p-config.sgml b/doc/source/p-config.sgml

index 5a5a241..877cbdf 100644 (file)
--- a/doc/source/p-config.sgml
+++ b/doc/source/p-config.sgml
@@ -3945,6 +3945,10 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t</title>
      CA key, the CA certificate and the trusted CAs file
      are located.
     </para>
+   <para>
+    The permissions should only let &my-app; and the  &my-app;
+    admin access the directory.
+   </para>
    </listitem>
   </varlistentry>
   <varlistentry>
@@ -4182,6 +4186,10 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t</title>
      This directive specifies the directory where generated
      TLS/SSL keys and certificates are saved.
     </para>
+   <para>
+    The permissions should only let &my-app; and the  &my-app;
+    admin access the directory.
+   </para>
    </listitem>
   </varlistentry>
   <varlistentry>
author	Fabian Keil <fk@fabiankeil.de>
	Wed, 19 Feb 2020 14:01:45 +0000 (15:01 +0100)
committer	Fabian Keil <fk@fabiankeil.de>
	Fri, 21 Feb 2020 14:57:56 +0000 (15:57 +0100)