From 2347babbf0d93d1025cb822d55255dfcd8cb3e57 Mon Sep 17 00:00:00 2001 From: John MacFarlane Date: Thu, 15 Nov 2018 10:10:40 -0800 Subject: [PATCH] MANUAL: Under security, added note about +RTS option to limit heap size. See #5047. --- MANUAL.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/MANUAL.txt b/MANUAL.txt index 23725a4c9..7f80e4d3d 100644 --- a/MANUAL.txt +++ b/MANUAL.txt @@ -4885,6 +4885,9 @@ application, here are some things to keep in mind: 3. Pandoc's parsers can exhibit pathological performance on some corner cases. It is wise to put any pandoc operations under a timeout, to avoid DOS attacks that exploit these issues. + If you are using the pandoc executable, you can add the + command line options `+RTS -M512M -RTS` (for example) to limit + the heap size to 512MB. 4. The HTML generated by pandoc is not guaranteed to be safe. If `raw_html` is enabled for the Markdown input, users can