fix broken link

This commit is contained in:
Kay Marquardt (Gnadelwartz) 2020-05-17 14:02:03 +02:00
parent 7aa409fbc8
commit ced78d3656
4 changed files with 15 additions and 14 deletions

View File

@ -180,8 +180,8 @@ It features background tasks and interactive chats, and can serve as an interfac
<p>Whenever you are processing input from from untrusted sources (messages, files, network) you must be as carefull as possible, e.g. set IFS appropriate, disable globbing (set -f) and quote everthing. In addition delete unused scripts and examples from your Bot, e.g. scripts 'notify', 'calc', 'question', and disable all not used commands.</p> <p>Whenever you are processing input from from untrusted sources (messages, files, network) you must be as carefull as possible, e.g. set IFS appropriate, disable globbing (set -f) and quote everthing. In addition delete unused scripts and examples from your Bot, e.g. scripts 'notify', 'calc', 'question', and disable all not used commands.</p>
<p>A powerful tool to improve your scripts is <code>shellcheck</code>. You can <a href="https://www.shellcheck.net/">use it online</a> or <a href="https://github.com/koalaman/shellcheck#installing">install shellcheck locally</a>. Shellcheck is used extensive in bashbot development to enshure a high code quality, e.g. it's not allowed to push changes without passing all shellcheck tests. In addition bashbot has a <a href="doc/7_develop.md">test suite</a> to check if important functionality is working as expected.</p> <p>A powerful tool to improve your scripts is <code>shellcheck</code>. You can <a href="https://www.shellcheck.net/">use it online</a> or <a href="https://github.com/koalaman/shellcheck#installing">install shellcheck locally</a>. Shellcheck is used extensive in bashbot development to enshure a high code quality, e.g. it's not allowed to push changes without passing all shellcheck tests. In addition bashbot has a <a href="doc/7_develop.md">test suite</a> to check if important functionality is working as expected.</p>
<h3>Do not use #!/usr/bin/env bash</h3> <h3>Do not use #!/usr/bin/env bash</h3>
<p>We stay with /bin/bash shebang, because using the system bash is more save from security perspective.</p> <p><strong>We stay with /bin/bash shebang, because it's more save from security perspective.</strong></p>
<p>It makes it harder for attackers and users to place alternative versions of bash and avoids using possibly broken, mangled or compromised bash executables.</p> <p>Using the system provided bash makes it harder for attackers or users to place alternative versions of bash and avoids using possibly broken, mangled or compromised bash executables.</p>
<p>If you are a MacOS user or forced to use an alternative bash, see <a href="doc/0_install.md">Install Bashbot</a></p> <p>If you are a MacOS user or forced to use an alternative bash, see <a href="doc/0_install.md">Install Bashbot</a></p>
<h3>Run your Bot as a restricted user</h3> <h3>Run your Bot as a restricted user</h3>
<p><strong>I recommend to run your bot as a user, with almost no access rights.</strong> All files your Bot have write access to are in danger to be overwritten/deleted if your bot is hacked. For the same reason ervery file your Bot can read is in danger to be disclosed. Restict your Bots access rigths to the absolute minimum.</p> <p><strong>I recommend to run your bot as a user, with almost no access rights.</strong> All files your Bot have write access to are in danger to be overwritten/deleted if your bot is hacked. For the same reason ervery file your Bot can read is in danger to be disclosed. Restict your Bots access rigths to the absolute minimum.</p>
@ -228,6 +228,6 @@ It features background tasks and interactive chats, and can serve as an interfac
<p>@Gnadelwartz</p> <p>@Gnadelwartz</p>
<h2>That's it!</h2> <h2>That's it!</h2>
<p>If you feel that there's something missing or if you found a bug, feel free to submit a pull request!</p> <p>If you feel that there's something missing or if you found a bug, feel free to submit a pull request!</p>
<h4>$$VERSION$$ V0.94-0-gbdb50c8</h4> <h4>$$VERSION$$ V0.94-1-g7aa409f</h4>
</body> </body>
</html> </html>

View File

@ -114,9 +114,9 @@ In addition bashbot has a [test suite](doc/7_develop.md) to check if important f
### Do not use #!/usr/bin/env bash ### Do not use #!/usr/bin/env bash
We stay with /bin/bash shebang, because using the system bash is more save from security perspective. **We stay with /bin/bash shebang, because it's more save from security perspective.**
It makes it harder for attackers and users to place alternative versions of bash and avoids using Using the system provided bash makes it harder for attackers or users to place alternative versions of bash and avoids using
possibly broken, mangled or compromised bash executables. possibly broken, mangled or compromised bash executables.
If you are a MacOS user or forced to use an alternative bash, see [Install Bashbot](doc/0_install.md) If you are a MacOS user or forced to use an alternative bash, see [Install Bashbot](doc/0_install.md)
@ -192,4 +192,4 @@ This may happen if to many wrong requests are sent to api.telegram.org, e.g. usi
If you feel that there's something missing or if you found a bug, feel free to submit a pull request! If you feel that there's something missing or if you found a bug, feel free to submit a pull request!
#### $$VERSION$$ V0.94-0-gbdb50c8 #### $$VERSION$$ V0.94-1-g7aa409f

View File

@ -156,11 +156,11 @@ functionality is working as expected.
### Do not use #!/usr/bin/env bash ### Do not use #!/usr/bin/env bash
We stay with /bin/bash shebang, because using the system bash is more save from **We stay with /bin/bash shebang, because it's more save from security
security perspective. perspective.**
It makes it harder for attackers and users to place alternative versions of Using the system provided bash makes it harder for attackers or users to place
bash and avoids using alternative versions of bash and avoids using
possibly broken, mangled or compromised bash executables. possibly broken, mangled or compromised bash executables.
If you are a MacOS user or forced to use an alternative bash, see [Install If you are a MacOS user or forced to use an alternative bash, see [Install
@ -269,4 +269,4 @@ tor proxy on your server you may uncomment the ```BASHBOT_CURL_ARGS``` line in
If you feel that there's something missing or if you found a bug, feel free to If you feel that there's something missing or if you found a bug, feel free to
submit a pull request! submit a pull request!
#### $$VERSION$$ V0.94-0-gbdb50c8 #### $$VERSION$$ V0.94-1-g7aa409f

View File

@ -49,9 +49,10 @@ You must install a more current version of bash, as the default bash is way to o
see e.g. [Install Bash on Mac](http://macappstore.org/bash/) see e.g. [Install Bash on Mac](http://macappstore.org/bash/)
After installation / update of bashbot you must change the shebang line to point to your bash location After installation / update of bashbot you must change the shebang line to point to your bash location
e.g. with the provided script ˋexamples/bash2env.shˋ e.g. with the provided script 'examples/bash2env.sh'
We stay with /bin/bash shebang, because using the system bash is more save, see [Security Considerations](../README.md#Security Considerations) We stay with /bin/bash shebang, because using the system bash is more save, see
[Security Considerations](../README.md#Security-Considerations)
### Notes on Updates ### Notes on Updates
@ -97,5 +98,5 @@ The old format is supported for backward compatibility, but may fail for corner
#### [Next Create Bot](1_firstbot.md) #### [Next Create Bot](1_firstbot.md)
#### $$VERSION$$ V0.94-0-gbdb50c8 #### $$VERSION$$ V0.94-1-g7aa409f