* doc/security.rdoc: Grammatical error on security guide

Patch by Josh Bassett [Github fixes ruby#245] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39053 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
lann · Feb 5, 2013 · 47da37b · 47da37b
1 parent acd3f3e
commit 47da37b
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,8 @@
+Tue Feb  5 10:15:00 2013  Zachary Scott  <[email protected]>
+
+	* doc/security.rdoc: Grammatical error on security guide
+	  Patch by Josh Bassett [Github fixes #245]
+
 Tue Feb  5 10:00:00 2013  Zachary Scott  <[email protected]>
 
 	* lib/racc/parser.rb: Update #do_parse and #yyparse from upstream

diff --git a/doc/security.rdoc b/doc/security.rdoc
@@ -18,7 +18,7 @@ Ruby's +Marshal+ module provides methods for serializing and deserializing Ruby
 
 Never use +Marshal.load+ to deserialize untrusted or user supplied data. Because +Marshal+ can deserialize to almost any Ruby object and has full control over instance variables, it is possible to craft a malicious payload that executes code shortly after deserialization.
 
-If you need to deserialize untrusted data, you should use JSON as it is only capable of returning 'primitive' types such as strings, arrays, hashes, numbers and nil. If you need to deserialize other classes, you should do handle this manually. Never deserialize to a user specified class.
+If you need to deserialize untrusted data, you should use JSON as it is only capable of returning 'primitive' types such as strings, arrays, hashes, numbers and nil. If you need to deserialize other classes, you should handle this manually. Never deserialize to a user specified class.
 
 == +YAML+