1 files changed, 27 insertions, 13 deletions

diff --git a/src/webengine/doc/src/qtwebengine-platform-notes.qdoc b/src/webengine/doc/src/qtwebengine-platform-notes.qdoc
index 5b7d750ff..1af2141b1 100644
--- a/src/webengine/doc/src/qtwebengine-platform-notes.qdoc
+++ b/src/webengine/doc/src/qtwebengine-platform-notes.qdoc
@@ -1,6 +1,6 @@
 /****************************************************************************
 **
-** Copyright (C) 2016 The Qt Company Ltd.
+** Copyright (C) 2019 The Qt Company Ltd.
 ** Contact: https://www.qt.io/licensing/
 **
 ** This file is part of the documentation of the Qt Toolkit.
@@ -73,7 +73,9 @@
 
     \list
         \li Visual Studio 2017 version 15.8 or later
-        \li Windows 10 SDK
+        \li Active Template Library (ATL), usually included in the Visual Studio
+            installation
+        \li Windows 10 SDK version 10.0.18362 or later
     \endlist
 
     \QWE can only be built on 64-bit Windows, with a x64-bit toolchain.
@@ -172,20 +174,32 @@
 
     \section1 Sandboxing Support
 
-    \QWE provides out-of-the-box sandboxing support for Chromium render processes on Linux
-    and \macos. Sandboxing is currently not supported on Windows due to a limitation in how
-    the sandbox is set up and how it interacts with the host process provided by the \QWE
-    libraries.
+    \QWE provides out-of-the-box sandboxing support for Chromium render
+    processes.
 
-    On \macos, there are no special requirements for enabling sandbox support.
+    On Linux, note the following restrictions:
 
-    On Linux, the kernel has to support the anonymous namespaces feature (kernel version >= 3.8)
-    and seccomp-bpf feature (kernel version >= 3.5). Setuid sandboxes are not supported and are thus
-    disabled.
+    \list
+        \li The kernel has to support the anonymous namespaces feature
+            (kernel version 3.8 or later). However, on Debian, Ubuntu,
+            and other Debian-derived distributions, this feature is off
+            by default. It can be turned on by setting
+            \c /proc/sys/kernel/unprivileged_userns_clone to 1.
+        \li The kernel has to support the \c seccomp-bpf feature (kernel
+            version 3.5 or later).
+        \li Setuid sandboxes are not supported and are thus disabled.
+    \endlist
+
+    To explicitly disable sandboxing, use one of the following options:
+
+    \list
+        \li Set the \c QTWEBENGINE_DISABLE_SANDBOX environment variable to 1.
+        \li Pass the \c{--no-sandbox} command line argument to the user
+            application executable.
+        \li Set \c QTWEBENGINE_CHROMIUM_FLAGS to \c{--no-sandbox}.
+    \endlist
 
-    To explicitly disable sandboxing, the \c QTWEBENGINE_DISABLE_SANDBOX environment variable can be
-    set to 1 or alternatively the \c{--no-sandbox} command line argument can be passed to the user
-    application executable.
+    For more information, see \l{Using Command-Line Arguments}.
 
     \section1 Accessibility and Performance