rspec/rules/S5883/rationale.adoc

OS command argument injections occur when applications allow the execution of
operating system commands from untrusted data but the untrusted data is limited
to the arguments. +
It is not possible to directly inject arbitrary commands that
compromise the underlying operating system, but the behavior of the executed
command still might be influenced in a way that allows to expand access, for
example, execution of arbitrary commands. The security of the application
depends on the behavior of the application that is executed.
[APPSEC-60] Modify rule S5883: Educational content (Commons) (#1149) 2022-08-05 17:25:27 +02:00			`OS command argument injections occur when applications allow the execution of`
			`operating system commands from untrusted data but the untrusted data is limited`
			`to the arguments. +`
			`It is not possible to directly inject arbitrary commands that`
			`compromise the underlying operating system, but the behavior of the executed`
			`command still might be influenced in a way that allows to expand access, for`
			`example, execution of arbitrary commands. The security of the application`
			`depends on the behavior of the application that is executed.`