diff options
| author | Jean Boussier <jean.boussier@gmail.com> | 2025-12-26 09:14:57 +0100 |
|---|---|---|
| committer | Jean Boussier <jean.boussier@gmail.com> | 2025-12-26 13:05:29 +0100 |
| commit | b304c149aa2fe845872ccdf6ea88e7fe155c61f3 (patch) | |
| tree | f2db672e83b3a361f96456362469af275ecdbc9d /doc | |
| parent | c3424615821192488f644d41eff21fa349a1eb2f (diff) | |
[DOC] Remove outdated documentation about command injection
[Feature #19630]
This dangerous behavior was removed in 4.0 (996cae65f3cc8fed60c6bb758b00882cac49389d)
but the documentation wasn't updated.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/security/command_injection.rdoc | 22 |
1 files changed, 0 insertions, 22 deletions
diff --git a/doc/security/command_injection.rdoc b/doc/security/command_injection.rdoc index ee33d4a04e..d46e42f7be 100644 --- a/doc/security/command_injection.rdoc +++ b/doc/security/command_injection.rdoc @@ -13,25 +13,3 @@ These methods include: - {\`command` (backtick method)}[rdoc-ref:Kernel#`] (also called by the expression <tt>%x[command]</tt>). - IO.popen (when called with other than <tt>"-"</tt>). - -Some methods execute a system command only if the given path name starts -with a <tt>|</tt>: - -- Kernel.open(command). -- IO.read(command). -- IO.write(command). -- IO.binread(command). -- IO.binwrite(command). -- IO.readlines(command). -- IO.foreach(command). -- URI.open(command). - -Note that some of these methods do not execute commands when called -from subclass +File+: - -- File.read(path). -- File.write(path). -- File.binread(path). -- File.binwrite(path). -- File.readlines(path). -- File.foreach(path). |