summaryrefslogtreecommitdiff
path: root/README.md
diff options
context:
space:
mode:
authorEvgeny Zinoviev <me@ch1p.io>2020-12-08 15:50:23 +0300
committerEvgeny Zinoviev <me@ch1p.io>2020-12-08 15:50:23 +0300
commit07e4587d4f2e0ffe1a36c41b95e0a25fc74ca789 (patch)
tree142c599a4bf298b985a3d35b4d1536a82984ef85 /README.md
parentcc24315bfd72ce0c2a275e54869b8fe77a655a46 (diff)
add comments to the code
Diffstat (limited to 'README.md')
-rw-r--r--README.md14
1 files changed, 7 insertions, 7 deletions
diff --git a/README.md b/README.md
index 1fd9f83..e2af752 100644
--- a/README.md
+++ b/README.md
@@ -92,7 +92,7 @@ Options:
"container"), it can read it from the `VOIDNSRUN_DIR` environment variable or
you can use `-r` argument to specify it.
-By default, **voidnsrun** binds only `/usr` from the container. But if you're
+By default, **voidnsrun** binds only `/usr` from the container. But if you're
launching `xbps-install`, `xbps-remove` or `xbps-reconfigure`and using
**voidnsrun** version 1.1 or higher, it will bind `/usr`, `/var` and `/etc`.
@@ -121,8 +121,8 @@ Options:
**voidnsundo** can be used in two modes.
-One is the **"normal" node**, when you invoke it like `voidnsundo <PROGRAM> [ARGS]`
-and your `PROGRAM` will be launched from and in the original mount namespace.
+One is the **"normal" node**, when you invoke it like `voidnsundo <PROGRAM> [ARGS]`
+and your `PROGRAM` will be launched from and in the original mount namespace.
For example, if you don't have a glibc version of firefox installed (so there's
no `/usr/bin/firefox` in the container), but you want to launch the "real" (the
@@ -262,10 +262,10 @@ generally bad, it's a common attack vector that allows local privilege
escalation by exploiting unsafe code of setuid programs.
While these utilities have been written with this thought in mind, don't trust
-me. Read the code, it's not too big. Place yourself in attacker's shoes and try
-to find a hole. For every new discovered vulnerability in these utilities that
-would allow privilege escalation or something similar I promise to pay $25 in
-Bitcoin. Contact me if you find something.
+me. Read the code, it's not too big and it's commented. Place yourself in
+attacker's shoes and try to find a hole. For every new discovered vulnerability
+in these utilities that would allow privilege escalation or something similar I
+promise to pay $25 in Bitcoin. Contact me if you find something.
## Changelog