diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2020-07-12 13:36:10 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2020-07-12 13:36:10 +0100 |
| commit | 040494b780a1f6db9f7dba0058c29e975241c1b0 (patch) | |
| tree | 4ac7e544a971b1b49f39e3e56999ded14827b72c | |
| parent | 63c4307e5873801eaed051ef258d90a52a7d19e7 (diff) | |
Docs: add note on non-functionality of "exists" for de-tainting
| -rw-r--r-- | doc/doc-docbook/spec.xfpt | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 0ffc88c58..d981f6230 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -11656,6 +11656,11 @@ condition is true if the named file (or directory) exists. The existence test is done by calling the &[stat()]& function. The use of the &%exists%& test in users' filter files may be locked out by the system administrator. +.new +&*Note:*& Testing a path using this condition is not a sufficient way of +de-tainting it. +.wen + .vitem &*first_delivery*& .cindex "delivery" "first" .cindex "first delivery" |