Merge branch 'attribution-for-shell-guide' into 'master'

Attribution For Shell Guide
author: Jacob Vosmaer <jacob@gitlab.com> 2014-03-24 15:10:40 +0000
committer: Jacob Vosmaer <jacob@gitlab.com> 2014-03-24 15:10:40 +0000
commit: 1fe07cfbae11f2465fa59778fccac340d7274d89 (patch)
tree: 2722e2818245fe140bbe0a89f7ce5bbd2fa4f695 /doc/development
parent: 9b8ee3e0a6c31a430988cd5d397a8baa41d4533a (diff)
parent: 842c0d6b5f7a60a4e4523fe1faefaab5038c96eb (diff)
download: gitlab-ce-1fe07cfbae11f2465fa59778fccac340d7274d89.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/development/shell_commands.md b/doc/development/shell_commands.md
index 57b1172d5e6..af0d5ca4426 100644
--- a/doc/development/shell_commands.md
+++ b/doc/development/shell_commands.md
@@ -1,5 +1,11 @@
 # Guidelines for shell commands in the GitLab codebase
 
+## References
+
+- [Google Ruby Security Reviewer's Guide](https://code.google.com/p/ruby-security/wiki/Guide)
+- [OWASP Command Injection](https://www.owasp.org/index.php/Command_Injection)
+- [Ruby on Rails Security Guide Command Line Injection](http://guides.rubyonrails.org/security.html#command-line-injection)
+
 ## Use File and FileUtils instead of shell commands
 
 Sometimes we invoke basic Unix commands via the shell when there is also a Ruby API for doing it.
author	Jacob Vosmaer <jacob@gitlab.com>	2014-03-24 15:10:40 +0000
committer	Jacob Vosmaer <jacob@gitlab.com>	2014-03-24 15:10:40 +0000
commit	1fe07cfbae11f2465fa59778fccac340d7274d89 (patch)
tree	2722e2818245fe140bbe0a89f7ce5bbd2fa4f695 /doc/development
parent	9b8ee3e0a6c31a430988cd5d397a8baa41d4533a (diff)
parent	842c0d6b5f7a60a4e4523fe1faefaab5038c96eb (diff)
download	gitlab-ce-1fe07cfbae11f2465fa59778fccac340d7274d89.tar.gz