snac(8): Words of caution for strip_exif configuration

Add words of caution and reasoning to the "strip_exif" configuration for
the server.json file, as these commands would be executed outside of the
sandbox - at least on OpenBSD - and both have quite a history on
security issues due to their huge attack surface and variety of
supported protocols.

After getting comfortable with the related code, I would continue using
it on a personal instance, but would reconsider enabling "strip_exif" on
shared instances with multiple users.

IMO, snac administrators should at least know of potential dangers.

0 files changed, 0 insertions, 0 deletions