Remove shell=True for actions (following Bandit issue report) #1851

author: nicolargo <nicolas@nicolargo.com> 2021-04-21 10:47:47 +0200
committer: nicolargo <nicolas@nicolargo.com> 2021-04-21 10:47:47 +0200
commit: b597acf19c35dbf4b8bd0e2930fa9b4ecab8a106 (patch)
tree: 67383c70e98b179478fcec233817dc6f9e0f4623
parent: fe7e3dff4e1e1a5433ae08747c6a8c4fac0a243a (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/glances/actions.py b/glances/actions.py
index 0674eb2d..ea94a816 100644
--- a/glances/actions.py
+++ b/glances/actions.py
@@ -2,7 +2,7 @@
 #
 # This file is part of Glances.
 #
-# Copyright (C) 2019 Nicolargo <nicolas@nicolargo.com>
+# Copyright (C) 2021 Nicolargo <nicolas@nicolargo.com>
 #
 # Glances is free software; you can redistribute it and/or modify
 # it under the terms of the GNU Lesser General Public License as published by
@@ -94,10 +94,10 @@ class GlancesActions(object):
             logger.info("Action triggered for {} ({}): {}".format(stat_name,
                                                                   criticity,
                                                                   cmd_full))
-            logger.debug("Stats value for the trigger: {}".format(
-                mustache_dict))
+            logger.debug("Action will be executed with the following command: \
+                subprocess.Popen({}, shell=False)".format(cmd_full.split(' ')))
             try:
-                Popen(cmd_full, shell=True)
+                Popen(cmd_full.split(' '), shell=False)
             except OSError as e:
                 logger.error("Can't execute the action ({})".format(e))
author	nicolargo <nicolas@nicolargo.com>	2021-04-21 10:47:47 +0200
committer	nicolargo <nicolas@nicolargo.com>	2021-04-21 10:47:47 +0200
commit	b597acf19c35dbf4b8bd0e2930fa9b4ecab8a106 (patch)
tree	67383c70e98b179478fcec233817dc6f9e0f4623
parent	fe7e3dff4e1e1a5433ae08747c6a8c4fac0a243a (diff)