From 3b113be573cdbca20ce9ec9c0a6efb25ccf51db5 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Thu, 4 Jan 2018 15:59:59 +0100 Subject: Eval blacklist Add support for eval filtering, only blacklist for now--- doc/source/config.rst | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'doc/source/config.rst') diff --git a/doc/source/config.rst b/doc/source/config.rst index e42cb99..d16474f 100644 --- a/doc/source/config.rst +++ b/doc/source/config.rst @@ -246,6 +246,20 @@ disable_xxe sp.disable_xxe.enable(); +Eval white and blacklist +^^^^^^^^^^^^^^^^^^^^^^^^ + * `default: disabled` + * :ref:`more ` + +``eval_filter`` allows to specify white and blacklist of functions allowed and +forbidden from being called inside ``eval``. The functions names are comma-separated. + +:: + + sp.eval_filter.blacklist("system,exec,shell_exec"); + sp.eval_filter.whitelist("strlen,strcmp").simulation(); + + Virtual-patching ---------------- -- cgit v1.3
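Review bot: the new "Eval white and blacklist" section in doc/source/config.rst documents `sp.eval_filter.whitelist("strlen,strcmp").simulation();`, but the commit message says "only blacklist for now", so the documentation describes a whitelist that this change does not yet provide. Either drop the whitelist example and the whitelist wording from this section until support lands, or mark it explicitly as not yet implemented, so that nobody relies on a filter that is not enforced. The `:ref:` in the second bullet carries the label "more" but no target as it appears here, so check that it resolves when the docs are built. The section also does not say what happens when a function appears in neither list or when both lists are set, and a sentence on that would help. Wording nits: "allows to specify white and blacklist of functions" reads better as "lets you specify a whitelist and a blacklist of functions", and "functions names" should be "function names".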