Safely execute shell commands and get their output.

Safe Shell

Safe Shell lets you execute shell commands and get the resulting output, but without the security problems of Ruby's backtick operator.

If you use backticks to process a file supplied by a user, a carefully crafted filename could allow execution of an arbitrary command:

  file = ";blah"
  `echo #{file}`
  sh: blah: command not found
  => "\n"

Safe Shell solves this.

  SafeShell.execute("echo", file)
  => ";blah\n"
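The difference between the two calls above, as an added example that uses only Ruby's standard library (it is not Safe Shell's own code, and the method names and the sample input are made up for illustration). Backticks hand one interpolated string to the shell, while passing the command and its arguments as separate values starts the program with no shell at all:

```ruby
require "open3"
require "shellwords"

# Constructed sample input: a "filename" containing a shell metacharacter.
# The second command is a harmless echo so its effect shows up in the output.
HOSTILE_NAME = ";echo INJECTED"

# Unsafe: the whole interpolated string goes to /bin/sh, so the ';'
# ends the first echo and the rest of the "filename" runs as a command.
def run_with_backticks(file)
  `echo #{file}`
end

# Safe: command and arguments are separate argv entries. The
# [command, command] pair forces Ruby to exec the program directly
# even when no arguments are given, so no shell ever parses the input.
def run_with_argv(command, *args)
  output, status = Open3.capture2([command, command], *args)
  raise "#{command} exited with #{status.exitstatus}" unless status.success?
  output
end

# Fallback when a shell string cannot be avoided: quote every
# untrusted value with Shellwords.escape before interpolating it.
def run_with_escaping(file)
  `echo #{Shellwords.escape(file)}`
end

if __FILE__ == $PROGRAM_NAME
  p run_with_backticks(HOSTILE_NAME)     # the shell ran two commands
  p run_with_argv("echo", HOSTILE_NAME)  # echo received one literal argument
  p run_with_escaping(HOSTILE_NAME)      # the shell saw one quoted word
end
```

The argv form removes shell parsing only; a value that begins with `-` can still be read as an option by the program that receives it, so place untrusted arguments after `--` where the command supports it.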

Note on Patches/Pull Requests

  • Fork the project.

  • Make your feature addition or bug fix.

  • Add tests for it. This is important so I don't break it in a future version unintentionally.

  • Commit, and do not mess with the Rakefile, version, or history. (If you want to have your own version, that is fine, but bump the version in a commit by itself that I can ignore when I pull.)

  • Send me a pull request. Bonus points for topic branches.

Copyright

Copyright © 2010 Envato, Ian Leitch, & Pete Yandell. See LICENSE for details.
