[master] 170d084 explain the reason behind -r
Per Buer
perbu at varnish-cache.org
Mon Apr 30 10:05:39 CEST 2012
commit 170d0842e5218393e9fa2e5c3025e2aedabd16e0
Author: Per Buer <perbu at varnish-software.com>
Date: Mon Apr 30 10:05:34 2012 +0200
explain the reason behind -r
diff --git a/doc/sphinx/reference/varnishd.rst b/doc/sphinx/reference/varnishd.rst
index b75bbb0..805e012 100644
--- a/doc/sphinx/reference/varnishd.rst
+++ b/doc/sphinx/reference/varnishd.rst
@@ -111,11 +111,13 @@ OPTIONS
default_ttl run-time parameter.
-r param[,param...]
- Specifies a list of parameters that are read only. In a
- very secure environment you want to consider setting
- parameters such as *user*, *group*, *cc_command*,
- *vcc_allow_inline_c* to read only as these can potentially
- be used to escalate privileges.
+ Specifies a list of parameters that are read only. This
+ gives the system administrator a way to limit what someone
+ with access to the Varnish CLI can do. In a very secure
+ environment you want to consider setting parameters such
+ as *user*, *group*, *cc_command*, *vcc_allow_inline_c* to
+ read only as these can potentially be used to escalate
+ privileges.
-u user Specifies the name of an unprivileged user to which the child
process should switch before it starts accepting
More information about the varnish-commit
mailing list