openstack/cinder
Code Issues Proposed changes

Nosec subprocess with shell equal True from Bandit

Browse Source 
In an effort to clean up Bandit issues, these instances of subprocess
being called with shell=True can be nosec'd as the commands being used
are hardcoded and therefore are not security issues.

Change-Id: I8d07f44e960d184cc1b4e136f4491f0bcf9c24ba
This commit is contained in:
Rohan Arora 2017-01-16 16:12:05 -06:00
parent 559d63f7d4
commit 97c082d629
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cinder/config/generate_cinder_opts.py
View File

@ -61,11 +61,13 @@ if __name__ == "__main__":
'|/|g" | sort -u')
cmd_opts = common_string % REGISTER_OPTS_STR
output_opts = subprocess.check_output('{}'.format(cmd_opts), shell=True)
output_opts = subprocess.check_output( # nosec : command is hardcoded
'{}'.format(cmd_opts), shell=True)
dir_trees_list = output_opts.split()
cmd_opt = common_string % REGISTER_OPT_STR
output_opt = subprocess.check_output('{}'.format(cmd_opt), shell=True)
output_opt = subprocess.check_output( # nosec : command is hardcoded
'{}'.format(cmd_opt), shell=True)
temp_list = output_opt.split()
for item in temp_list: