Purpose : Used with other docs and files only.
- $Id: p-config.sgml,v 2.17 2007/07/21 11:53:40 fabiankeil Exp $
+ $Id: p-config.sgml,v 2.18 2007/11/03 14:31:27 fabiankeil Exp $
Copyright (C) 2001-2007 Privoxy Developers http://www.privoxy.org/
See LICENSE.
Sample Configuration File for Privoxy v&p-version;
</title>
<para>
- $Id: p-config.sgml,v 2.17 2007/07/21 11:53:40 fabiankeil Exp $
+ $Id: p-config.sgml,v 2.18 2007/11/03 14:31:27 fabiankeil Exp $
</para>
<para>
Copyright (C) 2001-2007 Privoxy Developers http://www.privoxy.org/
<varlistentry>
<term>Default value:</term>
<listitem>
- <para>logfile (Unix) <emphasis>or</emphasis> privoxy.log (Windows)</para>
+ <para><emphasis>Unset (commented out)</emphasis>. When activated: logfile (Unix) <emphasis>or</emphasis> privoxy.log (Windows)</para>
</listitem>
</varlistentry>
<varlistentry>
of detail and number of messages are set with the <literal>debug</literal>
option (see below). The logfile can be useful for tracking down a problem with
<application>Privoxy</application> (e.g., it's not blocking an ad you
- think it should block) but in most cases you probably will never look at it.
+ think it should block) but in most cases you probably will never look at
+ it. For this reason, it is disabled by default. For troubleshooting
+ purposes, you will have to explicitly enable it.
</para>
<para>
Your logfile will grow indefinitely, and you will probably want to
periodically remove it. On Unix systems, you can do this with a cron job
- (see <quote>man cron</quote>). For Red Hat, a <command>logrotate</command>
- script has been included.
+ (see <quote>man cron</quote>). For Red Hat based Linux distributions, a
+ <command>logrotate</command> script has been included.
</para>
<para>
On SuSE Linux systems, you can place a line like <quote>/var/log/privoxy.*
</varlistentry>
</variablelist>
-<![%config-file;[<literallayout>@@logfile logfile</literallayout>]]>
+<![%config-file;[<literallayout>@@#logfile logfile</literallayout>]]>
</sect3>
<varlistentry>
<term>Default value:</term>
<listitem>
- <para>Unset (commented out). When activated: jarfile (Unix) <emphasis>or</emphasis> privoxy.jar (Windows)</para>
+ <para><emphasis>Unset (commented out)</emphasis>. When activated: jarfile (Unix) <emphasis>or</emphasis> privoxy.jar (Windows)</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry>
<term>Default value:</term>
<listitem>
- <para>1</para>
+ <para>0</para>
</listitem>
</varlistentry>
<varlistentry>
any URL.
</para>
<para>
- For the time being, access to the toggle feature can <emphasis>not</emphasis> be
+ Access to the toggle feature can <emphasis>not</emphasis> be
controlled separately by <quote>ACLs</quote> or HTTP authentication,
so that everybody who can access <application>Privoxy</application> (see
<quote>ACLs</quote> and <literal>listen-address</literal> above) can
toggle it for all users. So this option is <emphasis>not recommended</emphasis>
- for multi-user environments with untrusted users.
+ for multi-user environments with untrusted users. Because of
+ the obvious security implications, this feature is off by default.
+ Note that malicious client side code (e.g JavaScript) is also potentially
+ capable of changing <application>Privoxy's</application> intended
+ behavior.
</para>
<para>
Note that you must have compiled <application>Privoxy</application> with
</varlistentry>
</variablelist>
-<![%config-file;[<literallayout>@@enable-remote-toggle 1</literallayout>]]>
+<![%config-file;[<literallayout>@@enable-remote-toggle 0</literallayout>]]>
</sect3>
<varlistentry>
<term>Default value:</term>
<listitem>
- <para>1</para>
+ <para>0</para>
</listitem>
</varlistentry>
<varlistentry>
the ongoing request, even if it is enabled in one of the action files.
</para>
<para>
- If you are using <application>Privoxy</application> in a
- multi-user environment or with untrustworthy clients and want to
- enforce filtering, you will have to disable this option,
- otherwise you can ignore it.
+ This feature is disabled by default. If you are using
+ <application>Privoxy</application> in a environment with trusted clients,
+ you may enable this feature at your discretion. Note that malicious client
+ side code (e.g JavaScript) is also potentially capable of changing
+ <application>Privoxy's</application> intended behavior.
</para>
</listitem>
</varlistentry>
</variablelist>
-<![%config-file;[<literallayout>@@enable-remote-http-toggle 1</literallayout>]]>
+<![%config-file;[<literallayout>@@enable-remote-http-toggle 0</literallayout>]]>
</sect3>
<varlistentry>
<term>Default value:</term>
<listitem>
- <para>1</para>
+ <para>0</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Notes:</term>
<listitem>
<para>
- For the time being, access to the editor can <emphasis>not</emphasis> be
+ Access to the editor can <emphasis>not</emphasis> be
controlled separately by <quote>ACLs</quote> or HTTP authentication,
so that everybody who can access <application>Privoxy</application> (see
<quote>ACLs</quote> and <literal>listen-address</literal> above) can
- modify its configuration for all users. So this option is <emphasis>not
- recommended</emphasis> for multi-user environments with untrusted users.
+ modify its configuration for all users. This option is <emphasis>not
+ recommended</emphasis> for multi-user environments with untrusted users
+ and is therefore disabled by default. Note that malicious client side code
+ (e.g JavaScript) is also potentially capable of changing
+ <application>Privoxy's</application> intended behavior.
</para>
<para>
Note that you must have compiled <application>Privoxy</application> with
</varlistentry>
</variablelist>
-<![%config-file;[<literallayout>@@enable-edit-actions 1</literallayout>]]>
+<![%config-file;[<literallayout>@@enable-edit-actions 0</literallayout>]]>
</sect3>