055598028a
When using functions like subprocess.Popen etc to launch an external executable, the full path should be given. This prevents an attacker from manipulting the search path or placing a bogus executable that will be launched instead of the intended one. Change-Id: I4a11f988bc3e954331ab0f0902ea849c6ec31888
9 lines
309 B
Python
9 lines
309 B
Python
import utils
|
|
import utils as u
|
|
|
|
u.execute('/bin/gcc --version', shell=True)
|
|
utils.execute('/bin/gcc --version', shell=True)
|
|
u.execute_with_timeout('/bin/gcc --version', shell=True)
|
|
utils.execute_with_timeout('/bin/gcc --version', shell=True)
|
|
utils.execute_with_timeout(['/bin/gcc', '--version'], shell=False)
|