[master] 772a8ce Reference parameters in the reference manual directly

Poul-Henning Kamp phk at varnish-cache.org
Tue Oct 1 10:49:26 CEST 2013 

commit 772a8ce1b8f299f1d2c6dd6fafe1db7ef3ed4b6e
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date:   Tue Sep 24 05:53:03 2013 +0000

    Reference parameters in the reference manual directly

diff --git a/doc/sphinx/users-guide/run_security.rst b/doc/sphinx/users-guide/run_security.rst
index 09d6314..4267a93 100644
--- a/doc/sphinx/users-guide/run_security.rst
+++ b/doc/sphinx/users-guide/run_security.rst
@@ -96,19 +96,24 @@ Parameters can be set from the command line, and made "read-only"
 interface.
 
 Pretty much any parameter can be used to totally mess up your
-HTTP service, but a few can do more damage than that::
+HTTP service, but a few can do more damage than that:
 
-	user			-- access to local system via VCL
-	group			-- access to local system via VCL
-	listen_address		-- trojan other service ports (ssh!)
-	cc_command		-- execute arbitrary programs
+:ref:`ref_param_user` and :ref:`ref_param_group`
+	Access to local system via VCL
 
-Furthermore you may want to look at::
+:ref:`ref_param_listen_address`
+	Trojan other TCP sockets, like ssh
 
-	syslog_cli_traffic	-- know what is going on
-	vcc_unsafe_path		-- retrict VCL/VMODS to vcl_dir+vmod_dir
-	vcl_dir			-- VCL include dir
-	vmod_dir		-- VMOD import dir
+:ref:`ref_param_cc_command`
+	Execute arbitrary programs
+
+Furthermore you may want to look at and lock down:
+
+:ref:`ref_param_syslog_cli_traffic`
+	Log all CLI commands to syslog(8), so you know what goes on.
+
+:ref:`ref_param_vcc_unsafe_path`
+	Retrict VCL/VMODS to :ref:`ref_param_vcl_dir` and :ref:`ref_param_vmod_dir`
 
 The CLI interface
 -----------------
@@ -150,7 +155,7 @@ The params mentioned above can restrict VMOD so they can only
 be imported from a designated directory, restricting VCL wranglers
 to a pre-approved subset of VMODs.
 
-If you do that, we belive that your local system cannot be compromised
+If you do that, we believe that your local system cannot be compromised
 from VCL code.
 
 HTTP requests

More information about the varnish-commit mailing list