From 0afa01d99b07237fb6e10e7b6f0bd8cce5b8f9b5 Mon Sep 17 00:00:00 2001 From: Dimitrij Drus Date: Thu, 20 Jul 2023 21:02:59 +0200 Subject: [PATCH] warning further updated --- docs/content/docs/configuration/rules/providers.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/docs/configuration/rules/providers.adoc b/docs/content/docs/configuration/rules/providers.adoc index 0cc7c9ed4..8480d641a 100644 --- a/docs/content/docs/configuration/rules/providers.adoc +++ b/docs/content/docs/configuration/rules/providers.adoc @@ -31,7 +31,7 @@ Whether the configured `src` should be watched for updates. Defaults to `false`. + Whether to enable environment variables access in the rule set files. Defaults to `false`. If set to `true`, environment variables usage using Bash syntax is possible as with the link:{{< relref "/docs/getting_started/configuration_introduction.adoc#_configuration_file" >}}[static configuration]. + -WARNING: All environment variables, used in the rule set files must be known in advance to the heimdall process (when it starts). So, use with caution and try to avoid! +WARNING: All environment variables, used in the rule set files must be known in advance to the heimdall process (when it starts). In addition, the usage of that functionality might lead to security issues. If an adversary is somehow able to add new or update existing rule sets, it would be theoretically able exfiltrating environment variables available to the heimdall process by crafting contextualizers or authorizers, which would forward the corresponding values to a controlled service. So, use with caution, disable the watching of rule set updates and try to avoid! + .Rule set which makes use of environment variables ====
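Review bot: In the added `WARNING:` line, the mitigation advice ("disable the watching of rule set updates") addresses only part of the risk the same sentence describes. An adversary who can "add new or update existing rule sets" can still have a crafted contextualizer or authorizer loaded at the next start of the heimdall process, so turning off watching narrows the window but does not remove the exposure. I suggest the warning also tell operators to restrict write access to the configured `src` and to leave environment variable access at its default of `false` unless a rule set really needs it. The closing "use with caution ... and try to avoid!" gives the reader nothing concrete to act on and could be replaced by those two points. It would also help to refer to the watch setting by its property name, since it is documented in the context line directly above. Wording nits in the same line: "it would be theoretically able exfiltrating" should read "it would theoretically be able to exfiltrate", and the comma after "All environment variables" should go. The subject line "warning further updated" does not say that the change documents a security consideration. Something like "docs: describe exfiltration risk of env variable access in rule sets" would make it findable in the history.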