055598028a
When using functions like subprocess.Popen etc to launch an external executable, the full path should be given. This prevents an attacker from manipulting the search path or placing a bogus executable that will be launched instead of the intended one. Change-Id: I4a11f988bc3e954331ab0f0902ea849c6ec31888
4 lines
37 B
Python
4 lines
37 B
Python
import os
|
|
|
|
os.system('/bin/echo hi')
|