diff options
| author | dosire <sytses@gmail.com> | 2014-03-24 15:04:43 +0400 |
|---|---|---|
| committer | dosire <sytses@gmail.com> | 2014-03-24 15:04:43 +0400 |
| commit | 00487d455a10e074a4539a231a9b3028853a7334 (patch) | |
| tree | feab98628a3dd514f2c105465a6c6838462ce60b /doc/development/shell_commands.md | |
| parent | 0aa389b4911221e0ec5730d5342a1c59f37a8015 (diff) | |
References for the issues the guide addresses.
Diffstat (limited to 'doc/development/shell_commands.md')
| -rw-r--r-- | doc/development/shell_commands.md | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/development/shell_commands.md b/doc/development/shell_commands.md index 57b1172d5e6..63e58a63080 100644 --- a/doc/development/shell_commands.md +++ b/doc/development/shell_commands.md @@ -1,5 +1,11 @@ # Guidelines for shell commands in the GitLab codebase +## References + +- [Google Ruby Security Reviewer's Guide](https://code.google.com/p/ruby-security/wiki/Guide) +- [OWASP Command Injection](https://www.owasp.org/index.php/Command_Injection) +- [Ruby on Rails Security Guide](http://guides.rubyonrails.org/security.html) section 7.7 + ## Use File and FileUtils instead of shell commands Sometimes we invoke basic Unix commands via the shell when there is also a Ruby API for doing it. |