=== How to fix it in .NET

include::../../common/fix/code-rationale.adoc[]

[cols="a"]
|===
h| Non-compliant code example
|
[source,csharp]
----
public class ExampleController : Controller
{
    public void Run(string binary)
    {
        Process p = new Process();
        p.StartInfo.FileName = binary; // Noncompliant
        p.Start();
    }
}
----
h| Compliant solution
|
[source,csharp]
----
public class ExampleController : Controller
{
    public void Run(string binary)
    {
        if (binary.Equals("/usr/bin/ls") \|\| binary.Equals("/usr/bin/cat"))
        {
            // only ls and cat commands are authorized
            Process p = new Process();
            p.StartInfo.FileName = binary;
            p.Start();
        }
    }
}
----
|===

=== How does this work?

include::../../common/fix/introduction.adoc[]

include::../../common/fix/pre-approved-list.adoc[]