1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
82,899 Commits 27 Branches 1,171 Tags
Commit Graph

5 Commits

Author SHA1 Message Date
Nobuyoshi Nakada
4a11f50f79
[DOC] Update command_injection.rdoc 
- Add missing `Kernel.exec` and `Kernel.spawn`.
- Elaborate arguments that can cause injections.
 2024-01-22 12:06:00 +09:00
Nobuyoshi Nakada
19a7a7660c
[DOC] Adjust heading levels 
So that the first headings would be the top-most headings.
 2023-11-14 15:56:58 +09:00
Mike Dalessio
d2343368ab Deprecate Kernel#open and IO support for subprocess creation/forking 
Deprecate Kernel#open and IO support for subprocess creation and
forking. This deprecates subprocess creation and forking in

- Kernel#open
- URI.open
- IO.binread
- IO.foreach
- IO.readlines
- IO.read
- IO.write

This behavior is slated to be removed in Ruby 4.0

[Feature #19630]
 2023-08-10 09:38:11 +09:00
Nobuyoshi Nakada
0111dc5b79
[DOC] Escape backqoute method not to be converted to smart quotes 2022-09-03 23:47:46 +09:00
Burdette Lamar
e9a2b30744
Enhanced RDoc concerning command injection (#5537) 
Clarifies security vulnerabilities for commands.

Treats:

    Kernel.system
    Kernel.` (backtick)
    IO.popen
    IO.read
    IO.write
    IO.binread
    IO.binwrite
    IO.readlines
    IO.foreach
 2022-02-18 06:46:04 -06:00