Commit a835b0ce authored by Sytse Sijbrandij's avatar Sytse Sijbrandij

Merge branch 'be_pragmatic_about_shelling_out' into 'master'

Be pragmatic about shelling out

See merge request !1149
parents 4e96c84e 97c5d380
...@@ -22,6 +22,12 @@ FileUtils.mkdir_p "tmp/special/directory" ...@@ -22,6 +22,12 @@ FileUtils.mkdir_p "tmp/special/directory"
contents = `cat #{filename}` contents = `cat #{filename}`
# Correct # Correct
contents = File.read(filename) contents = File.read(filename)
# Sometimes a shell command is just the best solution. The example below has no
# user input, and is hard to implement correctly in Ruby: delete all files and
# directories older than 120 minutes under /some/path, but not /some/path
# itself.
Gitlab::Popen.popen(%W(find /some/path -not -path /some/path -mmin +120 -delete))
``` ```
This coding style could have prevented CVE-2013-4490. This coding style could have prevented CVE-2013-4490.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment