ruby.git/doc/command_injection.rdoc, branch v3_4_9

[DOC] Update command_injection.rdoc

2024-01-22T03:06:00+00:00

- Add missing `Kernel.exec` and `Kernel.spawn`.
- Elaborate arguments that can cause injections.

[DOC] Adjust heading levels

2023-11-14T06:56:58+00:00

So that the first headings would be the top-most headings.

Deprecate Kernel#open and IO support for subprocess creation/forking

2023-08-10T00:38:11+00:00

Deprecate Kernel#open and IO support for subprocess creation and
forking. This deprecates subprocess creation and forking in

- Kernel#open
- URI.open
- IO.binread
- IO.foreach
- IO.readlines
- IO.read
- IO.write

This behavior is slated to be removed in Ruby 4.0

[Feature #19630]

[DOC] Escape backqoute method not to be converted to smart quotes

2022-09-03T14:47:46+00:00

Enhanced RDoc concerning command injection (#5537)

2022-02-18T12:46:04+00:00

Clarifies security vulnerabilities for commands.

Treats:

    Kernel.system
    Kernel.` (backtick)
    IO.popen
    IO.read
    IO.write
    IO.binread
    IO.binwrite
    IO.readlines
    IO.foreach