From 8532f01c7f3c356fbb2dda593477d3902491de77 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Sat, 15 Apr 2023 15:18:13 +0200
Subject: Document readonly_exec's `extended_checks` option

---
 doc/source/config.rst | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'doc')

diff --git a/doc/source/config.rst b/doc/source/config.rst
index 40e8c11..b302e8c 100644
--- a/doc/source/config.rst
+++ b/doc/source/config.rst
@@ -330,6 +330,14 @@ It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` m
 file or the folder containing it is owned by the user the PHP process is
 running under.
 
+Extended checks, enabled by default, can be explicitly enabled via
+``extended_checks`` and disabled via ``no_extended_checks``. The checks
+include:
+
+* verifying the effective user id;
+* verifying that the current folder isn't writable;
+* verifying the current folder effective user id.
+
 ::
 
   sp.readonly_exec.enable();
-- 
cgit v1.3