summaryrefslogtreecommitdiffstats
path: root/docs/SECURITY.md
diff options
context:
space:
mode:
authorTavian Barnes <tavianator@tavianator.com>2024-09-23 11:41:52 -0400
committerTavian Barnes <tavianator@tavianator.com>2024-09-23 11:42:49 -0400
commite456c6e18ce47279d429b38f0b348e1a5f2b2beb (patch)
tree84abea6eac269002e7650149cbd3d0b20a304465 /docs/SECURITY.md
parentcf2eb17c48a23d49bf517df58e34e30529c16576 (diff)
downloadbfs-e456c6e18ce47279d429b38f0b348e1a5f2b2beb.tar.xz
Fix spelling
Diffstat (limited to 'docs/SECURITY.md')
-rw-r--r--docs/SECURITY.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/SECURITY.md b/docs/SECURITY.md
index 7bcb5e6..dd3277a 100644
--- a/docs/SECURITY.md
+++ b/docs/SECURITY.md
@@ -16,7 +16,7 @@ Anyone with enough control over the command line of `bfs` or any `find`-compatib
> It is *always* unsafe to allow *any* other part of the command line to be affected by untrusted input.
> Use the `-f` flag, or `-files0-from`, to ensure that the input is interpreted as a path.
-This still has security implications, incuding:
+This still has security implications, including:
- **Information disclosure:** an attacker may learn whether particular files exist by observing `bfs`'s output, exit status, or even side channels like execution time.
- **Denial of service:** large directory trees or slow/network storage may cause `bfs` to consume excessive system resources.