Nosec subprocess with shell equal True from Bandit

In an effort to clean up Bandit issues, these instances of subprocess
being called with shell=True can be nosec'd as the commands being used
are hardcoded and therefore are not security issues.

Change-Id: I8d07f44e960d184cc1b4e136f4491f0bcf9c24ba
This commit is contained in:
Rohan Arora 2017-01-16 16:12:05 -06:00
parent 559d63f7d4
commit 97c082d629

View File

@ -61,11 +61,13 @@ if __name__ == "__main__":
'|/|g" | sort -u') '|/|g" | sort -u')
cmd_opts = common_string % REGISTER_OPTS_STR cmd_opts = common_string % REGISTER_OPTS_STR
output_opts = subprocess.check_output('{}'.format(cmd_opts), shell=True) output_opts = subprocess.check_output( # nosec : command is hardcoded
'{}'.format(cmd_opts), shell=True)
dir_trees_list = output_opts.split() dir_trees_list = output_opts.split()
cmd_opt = common_string % REGISTER_OPT_STR cmd_opt = common_string % REGISTER_OPT_STR
output_opt = subprocess.check_output('{}'.format(cmd_opt), shell=True) output_opt = subprocess.check_output( # nosec : command is hardcoded
'{}'.format(cmd_opt), shell=True)
temp_list = output_opt.split() temp_list = output_opt.split()
for item in temp_list: for item in temp_list: