archive/ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2025-09-15 08:33:58 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Enhanced RDoc concerning command injection (#5537)

Browse source 
Clarifies security vulnerabilities for commands.

Treats:

    Kernel.system
    Kernel.` (backtick)
    IO.popen
    IO.read
    IO.write
    IO.binread
    IO.binwrite
    IO.readlines
    IO.foreach
This commit is contained in:
Burdette Lamar 2022-02-18 06:46:04 -06:00 committed by GitHub
parent 542a38f619
commit e9a2b30744
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
Notes: git 2022-02-18 21:46:25 +09:00 
Merged-By: BurdetteLamar <BurdetteLamar@Yahoo.com>
4 changed files with 79 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

2
object.c
View file

@ -4389,7 +4389,7 @@ InitVM_Object(void)
*
* === Subprocesses
*
* - #`cmd`:: Returns the standard output of running +cmd+ in a subshell.
* - #`command`:: Returns the standard output of running +command+ in a subshell.
* - #exec:: Replaces current process with a new process.
* - #fork:: Forks the current process into two processes.
* - #spawn:: Executes the given command and returns its pid without waiting