diff options
| author | Mike Dalessio <[email protected]> | 2023-06-07 10:05:04 -0400 |
|---|---|---|
| committer | Nobuyoshi Nakada <[email protected]> | 2023-08-10 09:38:11 +0900 |
| commit | d2343368ab7e270118ea6baa9c6418bfed83135c (patch) | |
| tree | 0e25287d42464b9812033f613234f3baa11c5517 /doc/command_injection.rdoc | |
| parent | 984109b8363790723693ec04897b1155d899115f (diff) | |
Deprecate Kernel#open and IO support for subprocess creation/forking
Deprecate Kernel#open and IO support for subprocess creation and
forking. This deprecates subprocess creation and forking in
- Kernel#open
- URI.open
- IO.binread
- IO.foreach
- IO.readlines
- IO.read
- IO.write
This behavior is slated to be removed in Ruby 4.0
[Feature #19630]
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/7915
Diffstat (limited to 'doc/command_injection.rdoc')
| -rw-r--r-- | doc/command_injection.rdoc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/doc/command_injection.rdoc b/doc/command_injection.rdoc index af09be23f0..4408b1839d 100644 --- a/doc/command_injection.rdoc +++ b/doc/command_injection.rdoc @@ -8,6 +8,7 @@ They should not be called with unknown or unsanitized commands. These methods include: - Kernel.system +- Kernel.open - {\`command` (backtick method)}[rdoc-ref:Kernel#`] (also called by the expression <tt>%x[command]</tt>). - IO.popen(command). @@ -17,6 +18,7 @@ These methods include: - IO.binwrite(command). - IO.readlines(command). - IO.foreach(command). +- URI.open(command). Note that some of these methods do not execute commands when called from subclass \File: |