[Git][NTPsec/ntpsec][master] Deleted 1 commit: shell=True is a security hazard.
Gary E. Miller
gitlab at mg.gitlab.com
Sat Aug 20 07:04:04 UTC 2016
Gary E. Miller pushed to branch master at NTPsec / ntpsec
WARNING: The push did not contain any new commits, but force pushed to delete the commits and changes below.
Deleted commits:
f761ce1d by Gary E. Miller at 2016-08-20T00:03:34-07:00
shell=True is a security hazard.
- - - - -
1 changed file:
- ntpstats/ntpviz
Changes:
=====================================
ntpstats/ntpviz
=====================================
--- a/ntpstats/ntpviz
+++ b/ntpstats/ntpviz
@@ -37,8 +37,9 @@ def gnuplot(template, outfile=None):
out = None
else:
out = open(outfile, "w")
+ # shell=True is a security hazard
proc = subprocess.Popen("gnuplot",
- shell=True, bufsize=4096,
+ shell=False, bufsize=4096,
stdin=subprocess.PIPE, stdout=out)
proc.stdin.write(template)
proc.stdin.close()
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/f761ce1d3d2e00fbb876056e3ad54c4beaee8ea3
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntpsec.org/pipermail/vc/attachments/20160820/0d5eead7/attachment.html>
More information about the vc
mailing list