References for the issues the guide addresses.

author: dosire <sytses@gmail.com> 2014-03-24 12:04:43 +0100
committer: dosire <sytses@gmail.com> 2014-03-24 12:04:43 +0100
commit: 00487d455a10e074a4539a231a9b3028853a7334 (patch)
tree: feab98628a3dd514f2c105465a6c6838462ce60b /doc/development
parent: 0aa389b4911221e0ec5730d5342a1c59f37a8015 (diff)
download: gitlab-ce-00487d455a10e074a4539a231a9b3028853a7334.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/development/shell_commands.md b/doc/development/shell_commands.md
index 57b1172d5e6..63e58a63080 100644
--- a/doc/development/shell_commands.md
+++ b/doc/development/shell_commands.md
@@ -1,5 +1,11 @@
 # Guidelines for shell commands in the GitLab codebase
 
+## References
+
+- [Google Ruby Security Reviewer's Guide](https://code.google.com/p/ruby-security/wiki/Guide)
+- [OWASP Command Injection](https://www.owasp.org/index.php/Command_Injection)
+- [Ruby on Rails Security Guide](http://guides.rubyonrails.org/security.html) section 7.7
+
 ## Use File and FileUtils instead of shell commands
 
 Sometimes we invoke basic Unix commands via the shell when there is also a Ruby API for doing it.
author	dosire <sytses@gmail.com>	2014-03-24 12:04:43 +0100
committer	dosire <sytses@gmail.com>	2014-03-24 12:04:43 +0100
commit	00487d455a10e074a4539a231a9b3028853a7334 (patch)
tree	feab98628a3dd514f2c105465a6c6838462ce60b /doc/development
parent	0aa389b4911221e0ec5730d5342a1c59f37a8015 (diff)
download	gitlab-ce-00487d455a10e074a4539a231a9b3028853a7334.tar.gz