Commit Graph

1 Commits (cf0cd4b50bbabc5b2f8c36c63fc7b064c94f2040)

Author SHA1 Message Date
Abhijeet Kasurde e5649ca3e8
pipe: update docs for Popen with shell=True usage (#70596)
pipe lookup plugin uses Popen with shell=True intentionally.
This is considered a security issue if user input is not validated.
Updated docs to reflect this information for the user. Also, added
Bandit B602 documentation link for further reading.

Fixes: #70159

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
4 years ago