Document ACL restriction options for Pageant.

These are just cross-references to the existing descriptions in the "Using PuTTY" section.
2025-01-09 17:38:00 +00:00 · 2019-03-17 15:17:52 +00:00 · 2019-03-17 15:17:52 +00:00 · c78f59fd9d
commit c78f59fd9d
parent 6d98399a27
2 changed files with 12 additions and 1 deletions
--- a/doc/pageant.but
+++ b/doc/pageant.but
@ -159,6 +159,17 @@ by the command, like this:

 \c C:\PuTTY\pageant.exe d:\main.ppk -c C:\PuTTY\putty.exe

+\S{pageant-cmdline-restrict-acl} Restricting the \i{Windows process ACL}
+
+Pageant supports the same \i\c{-restrict-acl} option as the other
+PuTTY utilities to lock down the Pageant process's access control;
+see \k{using-cmdline-restrict-acl} for why you might want to do this.
+
+By default, if Pageant is started with \c{-restrict-acl}, it won't
+pass this to any PuTTY sessions started from its System Tray submenu.
+Use \c{-restrict-putty-acl} to change this. (Again, see
+\k{using-cmdline-restrict-acl} for details.)
+
 \H{pageant-forward} Using \i{agent forwarding}

 Agent forwarding is a mechanism that allows applications on your SSH
--- a/doc/using.but
+++ b/doc/using.but
@ -1071,4 +1071,4 @@ Pageant stores the more critical information (hence benefits more from
 the extra protection), so it's reasonable to want to run Pageant but
 not PuTTY with the ACL restrictions. You can force Pageant to start
 subsidiary PuTTY processes with a restricted ACL if you also pass the
-\c{-restrict-putty-acl} option.
+\i\c{-restrict-putty-acl} option.