mirror of
https://github.com/octoleo/telegram-bot-bash.git
synced 2024-12-29 05:02:46 +00:00
fix broken link
This commit is contained in:
parent
7aa409fbc8
commit
ced78d3656
@ -180,8 +180,8 @@ It features background tasks and interactive chats, and can serve as an interfac
|
|||||||
<p>Whenever you are processing input from from untrusted sources (messages, files, network) you must be as carefull as possible, e.g. set IFS appropriate, disable globbing (set -f) and quote everthing. In addition delete unused scripts and examples from your Bot, e.g. scripts 'notify', 'calc', 'question', and disable all not used commands.</p>
|
<p>Whenever you are processing input from from untrusted sources (messages, files, network) you must be as carefull as possible, e.g. set IFS appropriate, disable globbing (set -f) and quote everthing. In addition delete unused scripts and examples from your Bot, e.g. scripts 'notify', 'calc', 'question', and disable all not used commands.</p>
|
||||||
<p>A powerful tool to improve your scripts is <code>shellcheck</code>. You can <a href="https://www.shellcheck.net/">use it online</a> or <a href="https://github.com/koalaman/shellcheck#installing">install shellcheck locally</a>. Shellcheck is used extensive in bashbot development to enshure a high code quality, e.g. it's not allowed to push changes without passing all shellcheck tests. In addition bashbot has a <a href="doc/7_develop.md">test suite</a> to check if important functionality is working as expected.</p>
|
<p>A powerful tool to improve your scripts is <code>shellcheck</code>. You can <a href="https://www.shellcheck.net/">use it online</a> or <a href="https://github.com/koalaman/shellcheck#installing">install shellcheck locally</a>. Shellcheck is used extensive in bashbot development to enshure a high code quality, e.g. it's not allowed to push changes without passing all shellcheck tests. In addition bashbot has a <a href="doc/7_develop.md">test suite</a> to check if important functionality is working as expected.</p>
|
||||||
<h3>Do not use #!/usr/bin/env bash</h3>
|
<h3>Do not use #!/usr/bin/env bash</h3>
|
||||||
<p>We stay with /bin/bash shebang, because using the system bash is more save from security perspective.</p>
|
<p><strong>We stay with /bin/bash shebang, because it's more save from security perspective.</strong></p>
|
||||||
<p>It makes it harder for attackers and users to place alternative versions of bash and avoids using possibly broken, mangled or compromised bash executables.</p>
|
<p>Using the system provided bash makes it harder for attackers or users to place alternative versions of bash and avoids using possibly broken, mangled or compromised bash executables.</p>
|
||||||
<p>If you are a MacOS user or forced to use an alternative bash, see <a href="doc/0_install.md">Install Bashbot</a></p>
|
<p>If you are a MacOS user or forced to use an alternative bash, see <a href="doc/0_install.md">Install Bashbot</a></p>
|
||||||
<h3>Run your Bot as a restricted user</h3>
|
<h3>Run your Bot as a restricted user</h3>
|
||||||
<p><strong>I recommend to run your bot as a user, with almost no access rights.</strong> All files your Bot have write access to are in danger to be overwritten/deleted if your bot is hacked. For the same reason ervery file your Bot can read is in danger to be disclosed. Restict your Bots access rigths to the absolute minimum.</p>
|
<p><strong>I recommend to run your bot as a user, with almost no access rights.</strong> All files your Bot have write access to are in danger to be overwritten/deleted if your bot is hacked. For the same reason ervery file your Bot can read is in danger to be disclosed. Restict your Bots access rigths to the absolute minimum.</p>
|
||||||
@ -228,6 +228,6 @@ It features background tasks and interactive chats, and can serve as an interfac
|
|||||||
<p>@Gnadelwartz</p>
|
<p>@Gnadelwartz</p>
|
||||||
<h2>That's it!</h2>
|
<h2>That's it!</h2>
|
||||||
<p>If you feel that there's something missing or if you found a bug, feel free to submit a pull request!</p>
|
<p>If you feel that there's something missing or if you found a bug, feel free to submit a pull request!</p>
|
||||||
<h4>$$VERSION$$ V0.94-0-gbdb50c8</h4>
|
<h4>$$VERSION$$ V0.94-1-g7aa409f</h4>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
@ -114,9 +114,9 @@ In addition bashbot has a [test suite](doc/7_develop.md) to check if important f
|
|||||||
|
|
||||||
### Do not use #!/usr/bin/env bash
|
### Do not use #!/usr/bin/env bash
|
||||||
|
|
||||||
We stay with /bin/bash shebang, because using the system bash is more save from security perspective.
|
**We stay with /bin/bash shebang, because it's more save from security perspective.**
|
||||||
|
|
||||||
It makes it harder for attackers and users to place alternative versions of bash and avoids using
|
Using the system provided bash makes it harder for attackers or users to place alternative versions of bash and avoids using
|
||||||
possibly broken, mangled or compromised bash executables.
|
possibly broken, mangled or compromised bash executables.
|
||||||
|
|
||||||
If you are a MacOS user or forced to use an alternative bash, see [Install Bashbot](doc/0_install.md)
|
If you are a MacOS user or forced to use an alternative bash, see [Install Bashbot](doc/0_install.md)
|
||||||
@ -192,4 +192,4 @@ This may happen if to many wrong requests are sent to api.telegram.org, e.g. usi
|
|||||||
|
|
||||||
If you feel that there's something missing or if you found a bug, feel free to submit a pull request!
|
If you feel that there's something missing or if you found a bug, feel free to submit a pull request!
|
||||||
|
|
||||||
#### $$VERSION$$ V0.94-0-gbdb50c8
|
#### $$VERSION$$ V0.94-1-g7aa409f
|
||||||
|
10
README.txt
10
README.txt
@ -156,11 +156,11 @@ functionality is working as expected.
|
|||||||
|
|
||||||
### Do not use #!/usr/bin/env bash
|
### Do not use #!/usr/bin/env bash
|
||||||
|
|
||||||
We stay with /bin/bash shebang, because using the system bash is more save from
|
**We stay with /bin/bash shebang, because it's more save from security
|
||||||
security perspective.
|
perspective.**
|
||||||
|
|
||||||
It makes it harder for attackers and users to place alternative versions of
|
Using the system provided bash makes it harder for attackers or users to place
|
||||||
bash and avoids using
|
alternative versions of bash and avoids using
|
||||||
possibly broken, mangled or compromised bash executables.
|
possibly broken, mangled or compromised bash executables.
|
||||||
|
|
||||||
If you are a MacOS user or forced to use an alternative bash, see [Install
|
If you are a MacOS user or forced to use an alternative bash, see [Install
|
||||||
@ -269,4 +269,4 @@ tor proxy on your server you may uncomment the ```BASHBOT_CURL_ARGS``` line in
|
|||||||
If you feel that there's something missing or if you found a bug, feel free to
|
If you feel that there's something missing or if you found a bug, feel free to
|
||||||
submit a pull request!
|
submit a pull request!
|
||||||
|
|
||||||
#### $$VERSION$$ V0.94-0-gbdb50c8
|
#### $$VERSION$$ V0.94-1-g7aa409f
|
||||||
|
@ -49,9 +49,10 @@ You must install a more current version of bash, as the default bash is way to o
|
|||||||
see e.g. [Install Bash on Mac](http://macappstore.org/bash/)
|
see e.g. [Install Bash on Mac](http://macappstore.org/bash/)
|
||||||
|
|
||||||
After installation / update of bashbot you must change the shebang line to point to your bash location
|
After installation / update of bashbot you must change the shebang line to point to your bash location
|
||||||
e.g. with the provided script ˋexamples/bash2env.shˋ
|
e.g. with the provided script 'examples/bash2env.sh'
|
||||||
|
|
||||||
We stay with /bin/bash shebang, because using the system bash is more save, see [Security Considerations](../README.md#Security Considerations)
|
We stay with /bin/bash shebang, because using the system bash is more save, see
|
||||||
|
[Security Considerations](../README.md#Security-Considerations)
|
||||||
|
|
||||||
### Notes on Updates
|
### Notes on Updates
|
||||||
|
|
||||||
@ -97,5 +98,5 @@ The old format is supported for backward compatibility, but may fail for corner
|
|||||||
|
|
||||||
#### [Next Create Bot](1_firstbot.md)
|
#### [Next Create Bot](1_firstbot.md)
|
||||||
|
|
||||||
#### $$VERSION$$ V0.94-0-gbdb50c8
|
#### $$VERSION$$ V0.94-1-g7aa409f
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user