From bcec0cafc9edbf1a563f184debf01169aed64c85 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Sat, 25 Apr 2026 22:25:27 +0200 Subject: Add a note about virtual-patching bypasses --- doc/source/config.rst | 2 +- doc/source/features.rst | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/source/config.rst b/doc/source/config.rst index 2053c2f..a84bb60 100644 --- a/doc/source/config.rst +++ b/doc/source/config.rst @@ -152,7 +152,7 @@ least astonishment `__. But since it's `possible to modify php's logging system via php `__, it's -heavily recommended to use the ``syslog`` option instead. The ``file:` option +heavily recommended to use the ``syslog`` option instead. The ``file:`` option might be useful if you're using Snuffleupagus to fuzz or audit a codebase. log_max_len diff --git a/doc/source/features.rst b/doc/source/features.rst index adb8779..517bbec 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst @@ -309,7 +309,11 @@ of dangerous functions, dropping them everywhere else: :language: php -The intent is to make post-exploitation process (such as backdooring of legitimate code, or RAT usage) a lot harder for the attacker. +The intent is to make post-exploitation process (such as backdooring of +legitimate code, or RAT usage) a lot harder for the attacker. + +Note that an attacker able to run arbitrary PHP code can likely bypass some virtual-patching +by (ab)using some PHP features. .. _global-strict-feature: -- cgit v1.3
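Review bot: in the doc/source/config.rst hunk (@@ -152,7 +152,7 @@), the ``file:`` literal fix is a markup correction unrelated to the subject "Add a note about virtual-patching bypasses", and the commit message does not mention it. Either split it into its own commit or add a line to the message, so the history of config.rst explains why that line changed.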
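Review bot: in the doc/source/features.rst hunk (@@ -309,7 +309,11 @@), the added sentence "can likely bypass some virtual-patching by (ab)using some PHP features" is too vague for a reader to act on: it names neither the kind of PHP feature involved nor what an operator should conclude from it. Consider stating the consequence directly, in line with the paragraph above it (these rules make post-exploitation harder but are not a boundary once arbitrary PHP code runs), and linking to the place where bypass cases are documented, if the docs have one. Two style points: the first added line of the note runs past the roughly 80-column wrap applied to the re-wrapped paragraph just above it, and a `.. note::` directive would make the caveat stand out from the body text.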