From 926761928f3f6e79e4eab57bab34b61aa89242a5 Mon Sep 17 00:00:00 2001 From: Alexander W Dehnert Date: Thu, 7 Nov 2013 02:06:18 -0500 Subject: [PATCH] minor wording cleanup --- doc/safe-shell.mdwn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/safe-shell.mdwn b/doc/safe-shell.mdwn index f2cf726..e57eba1 100644 --- a/doc/safe-shell.mdwn +++ b/doc/safe-shell.mdwn @@ -107,7 +107,7 @@ If you get filenames from the user or from shell globbing, or any other kind of Fixing this depends on what command you're running. -For many, however, `--` is accepted to indicate that any options are done, and future arguments should be parsed as positional parameters --- even if they look like options. In the `sudo` example above, `sudo -u nobody -- "$@"` would avoid this attack (though obviously limiting which users commands can be run as in the `sudo` configuration should be done as well). +For many commands, however, `--` is accepted to indicate that any options are done, and future arguments should be parsed as positional parameters – even if they look like options. In the `sudo` example above, `sudo -u nobody -- "$@"` would avoid this attack (though obviously specifying in the `sudo` configuration that commands can only be run as `nobody` is also a good idea). Another approach is to prefix each filename with `./`, if the filenames are expected to be in the current directory. -- 2.44.0