Skip to content

Commit

Permalink
Minor docs changes (microsoft#252)
Browse files Browse the repository at this point in the history
  • Loading branch information
soon committed Apr 24, 2019
1 parent 69d37a1 commit 45bc9d9
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -137,8 +137,8 @@ We recommend you specify exact versions of lint libraries, including `tslint-mic
</td>
<td>
Detects usages of child_process and especially child_process.exec() with a non-literal first argument.
It is dangerous to pass a string constructed at runtime as the first argument to the child_process.exec().
<code>child_process.exec(cmd)</code> runs <code>cmd</code> as a shell command which allows attacker to execute malicious code injected into <code>cmd</code> string.
It is dangerous to pass a string constructed at runtime as the first argument to the <code>child_process.exec()</code>.
<code>child_process.exec(cmd)</code> runs <code>cmd</code> as a shell command which could allow an attacker to execute malicious code injected into <code>cmd</code>.
Instead of <code>child_process.exec(cmd)</code> you should use <code>child_process.spawn(cmd)</code> or specify the command as a literal, e.g. <code>child_process.exec('ls')</code>.
</td>
<td>@next</td>
Expand Down

0 comments on commit 45bc9d9

Please sign in to comment.