From: Alexander W Dehnert Date: Thu, 7 Nov 2013 07:06:18 +0000 (-0500) Subject: minor wording cleanup X-Git-Url: https://sipb.mit.edu/gitweb.cgi/wiki.git/commitdiff_plain/926761928f3f6e79e4eab57bab34b61aa89242a5?ds=sidebyside minor wording cleanup --- diff --git a/doc/safe-shell.mdwn b/doc/safe-shell.mdwn index f2cf726..e57eba1 100644 --- a/doc/safe-shell.mdwn +++ b/doc/safe-shell.mdwn @@ -107,7 +107,7 @@ If you get filenames from the user or from shell globbing, or any other kind of Fixing this depends on what command you're running. -For many, however, `--` is accepted to indicate that any options are done, and future arguments should be parsed as positional parameters --- even if they look like options. In the `sudo` example above, `sudo -u nobody -- "$@"` would avoid this attack (though obviously limiting which users commands can be run as in the `sudo` configuration should be done as well). +For many commands, however, `--` is accepted to indicate that any options are done, and future arguments should be parsed as positional parameters – even if they look like options. In the `sudo` example above, `sudo -u nobody -- "$@"` would avoid this attack (though obviously specifying in the `sudo` configuration that commands can only be run as `nobody` is also a good idea). Another approach is to prefix each filename with `./`, if the filenames are expected to be in the current directory.