From fac423f0b8a8ce2f3eb38b19d5a00e8ed973cfb2 Mon Sep 17 00:00:00 2001
From: Thomas Voss <thomasvoss@live.com>
Date: Sun, 23 Jan 2022 19:22:18 +0100
Subject: Add the AUTHORS and SECURITY sections

---
 mpaste.1 | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/mpaste.1 b/mpaste.1
index 0d63739..a984338 100644
--- a/mpaste.1
+++ b/mpaste.1
@@ -1,7 +1,7 @@
 .\" vi: tw=100
 .Dd 23 January, 2022
 .Dt MPASTE 1
-.Os POSIX
+.Os \*(Px
 .Sh NAME
 .Nm mpaste
 .Nd a simple and minimal paste server
@@ -145,4 +145,24 @@ If not set, anyone will be able to POST their pastes to the server.
 .Sh EXIT STATUS
 .Ex -std
 .Sh SEE ALSO
-.Xr curl 1
+.Xr curl 1 ,
+.Xr nginx 1
+.Sh AUTHORS
+.An Thomas Voss Aq Mt thomasvoss@live.com
+.Sh SECURITY CONSIDERATIONS
+If deployed on a public network
+.Pq or even on a private one
+you should take the following
+.Pq non-exhaustive
+list of scenarios into consideration:
+.Bl -dash
+.It
+Users uploading exessively large files. You can consider using tools such as
+.Xr nginx 1
+to control the maximum allowed file upload size.
+.It
+Users uploading exessively many files.
+.It
+Users uploading non-plaintext files. On certain browsers this may prompt a user to download the
+hosted content, which is a potential attack vector.
+.El
-- 
cgit v1.2.3