Clarify path matching for SAFER controls

Make it explicit that the 'form' of the paths (e.g. absolute vs relative) must
match between --permit-file-* paramters and the actual path used to reference
the file

1 files changed, 9 insertions, 2 deletions

diff --git a/doc/Use.htm b/doc/Use.htm
index c6da92029..3672e3abd 100644
--- a/doc/Use.htm
+++ b/doc/Use.htm
@@ -3517,9 +3517,16 @@ operation of <code>setpagedevice</code>, and because this capability is <i>extre
 rarely used, we feel the improvement in security warrants the small reduction in
 flexibility.
 <p>
-Path matching is simple: it is case sensitive, and we do not implement full featured
+Path matching is very simple: it is case sensitive, and we do not implement full featured
 &quot;globbing&quot; or regular expression matching (such complexity would significantly
-and negatively impact performance). The following cases are handled:
+and negatively impact performance). Further, the string parameter(s) passed to the
+<code>--permit-file-*</code> option must exactly match the string(s) used to reference
+the file(s): for example, you cannot use a absolute path to grant permission, and
+then a relative path to reference the file (or vice versa) - the path match will fail.
+Similarly, you cannot grant permission through one symlink, and then reference a file
+directly, or through an alternative symlink - again, the matching will fail.
+<p>
+The following cases are handled:
 <ul>
 <li>
 <dt><code>&quot;&sol;path&sol;to&sol;file&quot;</code></dt>