From b597acf19c35dbf4b8bd0e2930fa9b4ecab8a106 Mon Sep 17 00:00:00 2001
From: nicolargo
Date: Wed, 21 Apr 2021 10:47:47 +0200
Subject: Remove shell=True for actions (following Bandit issue report) #1851
---
 glances/actions.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/glances/actions.py b/glances/actions.py
index 0674eb2d..ea94a816 100644
--- a/glances/actions.py
+++ b/glances/actions.py
@@ -2,7 +2,7 @@
 #
 # This file is part of Glances.
 #
-# Copyright (C) 2019 Nicolargo
+# Copyright (C) 2021 Nicolargo
 #
 # Glances is free software; you can redistribute it and/or modify
 # it under the terms of the GNU Lesser General Public License as published by
@@ -94,10 +94,10 @@ class GlancesActions(object):
 logger.info("Action triggered for {} ({}): {}".format(stat_name,
 criticity,
 cmd_full))
- logger.debug("Stats value for the trigger: {}".format(
- mustache_dict))
+ logger.debug("Action will be executed with the following command: \
+ subprocess.Popen({}, shell=False)".format(cmd_full.split(' ')))
 try:
- Popen(cmd_full, shell=True)
+ Popen(cmd_full.split(' '), shell=False)
 except OSError as e:
 logger.error("Can't execute the action ({})".format(e))
--
cgit v1.2.3
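Review bot: `cmd_full.split(' ')` in the new `Popen(...)` call tokenises the command after it has been rendered, so any substituted value that contains a space is spread across several argv entries; dropping the shell closes shell-metacharacter injection, but a stat value could still add or alter arguments of the action command (the rendering is outside this hunk, so this is inferred from the removed `mustache_dict` debug line). Quoted arguments and doubled spaces are also mis-split, and actions that relied on pipes, redirects or `&&` now receive those as literal arguments without any warning to the operator. At minimum use `Popen(shlex.split(cmd_full), shell=False)` with `import shlex` at the top of the file; splitting the template before substitution and rendering each token separately would keep every value inside a single argv entry. The backslash continuation inside the `logger.debug` string also copies the next source line's indentation into the log message. The enclosing method starts and ends outside the hunk.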