From b4e6dcfff4943db858c6dd7f6f225c39b8aa3547 Mon Sep 17 00:00:00 2001 From: "Kwardakov, Michael" Date: Wed, 18 Jan 2017 13:12:21 +0300 Subject: [PATCH 1/2] Fix #428: add ldd security warning --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index df6ca81..cfe4663 100644 --- a/README.md +++ b/README.md @@ -321,7 +321,7 @@ mkdir empty && rsync -r --delete empty/ some-dir && rmdir some-dir - Know about `strace` and `ltrace`. These can be helpful if a program is failing, hanging, or crashing, and you don't know why, or if you want to get a general idea of performance. Note the profiling option (`-c`), and the ability to attach to a running process (`-p`). -- Know about `ldd` to check shared libraries etc. +- Know about `ldd` to check shared libraries etc, but never run it on untrusted files ([read more](http://www.catonmat.net/blog/ldd-arbitrary-code-execution/)) - Know how to connect to a running process with `gdb` and get its stack traces. From 8c1546e53ec93364f4b4c471298ec9914acc5b13 Mon Sep 17 00:00:00 2001 From: Joshua Levy Date: Sat, 20 May 2017 10:43:25 -0700 Subject: [PATCH 2/2] Tighten language. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index cfe4663..398f01a 100644 --- a/README.md +++ b/README.md 
@@ -321,7 +321,7 @@ mkdir empty && rsync -r --delete empty/ some-dir && rmdir some-dir - Know about `strace` and `ltrace`. These can be helpful if a program is failing, hanging, or crashing, and you don't know why, or if you want to get a general idea of performance. Note the profiling option (`-c`), and the ability to attach to a running process (`-p`). -- Know about `ldd` to check shared libraries etc, but never run it on untrusted files ([read more](http://www.catonmat.net/blog/ldd-arbitrary-code-execution/)) +- Know about `ldd` to check shared libraries etc — but [never run it on untrusted files](http://www.catonmat.net/blog/ldd-arbitrary-code-execution/). - Know how to connect to a running process with `gdb` and get its stack traces.
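Review bot: in PATCH 1/2 the added `ldd` bullet says never to run it on untrusted files but leaves the reason behind a generic "read more" link. The link's own slug names the risk (arbitrary code execution), so say that in the bullet itself and use descriptive link text, so a reader who does not follow the link still learns why the rule exists. The added line also drops the closing period that the neighbouring `strace` and `gdb` bullets have.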
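Review bot: in PATCH 2/2 the rewritten bullet still has `etc` without its period, now sitting directly before the dash. Write `etc.` or drop it, since "check shared libraries" reads fine alone. The bullet also still gives the prohibition without a safe way to do the same check on a file you do not trust, so consider pointing to a tool that only reads the file's dynamic section rather than loading it. The link target remains a plain `http://` URL, so switch it to `https://` if the site serves it.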