1 files changed, 31 insertions, 0 deletions

diff --git a/src/third_party/wiredtiger/src/docs/home.dox b/src/third_party/wiredtiger/src/docs/home.dox
new file mode 100644
index 00000000000..3cde64877b2
--- /dev/null
+++ b/src/third_party/wiredtiger/src/docs/home.dox
@@ -0,0 +1,31 @@
+/*! @page home Database Home Directory
+
+WiredTiger file naming is based on the \c home argument specified to the
+::wiredtiger_open function and the \c WIREDTIGER_HOME environment
+variable, determined by the following steps:
+
+-# If a \c home argument is specified to the ::wiredtiger_open function,
+its value is used as the database directory.
+-# If the \c WIREDTIGER_HOME environment variable is not set, the database
+directory is the process' current working directory.  No current working
+directory path is maintained by the WiredTiger software and changing the
+working directory after opening the WiredTiger database may cause failure.
+-# If the process is running with special privileges, the ::wiredtiger_open
+function must be configured with the \c use_environment_priv flag.  The
+\c use_environment_priv flag is intended for applications that have or
+acquire special privileges and wish to use an environment-specified home
+directory: if such an application does not configure the ::wiredtiger_open
+function with the \c use_environment_priv flag, setting an environment
+value will cause the open to fail.  On ISO/IEC 9945-1:1990 (POSIX.1)
+systems, "special privileges" is defined as a real user ID not equal to the
+effective user ID, or the real group ID not equal to the effective group
+ID.
+-# Otherwise, the value of the \c WIREDTIGER_HOME environment variable is
+used as the database directory.
+
+Finally, consider security when configuring WiredTiger to use the
+\c WIREDTIGER_HOME environment variable, especially in applications which
+run with permissions other than the user's.  Such applications are
+potentially vulnerable to allowing users access to databases they could not
+otherwise access.
+*/