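def sec_shell_eq_true(logical_line):
    """Flag a logical line that passes ``shell=True`` to a subprocess call.

    ``shell=True`` hands the command string to the system shell, so any
    untrusted data interpolated into that string can change the command
    that runs. This check reports such lines for manual review.

    The match is a plain substring test on the line with all whitespace
    removed: the line must contain both ``shell=True`` and ``subprocess``.
    Known gaps a reviewer should keep in mind:

    * calls through an imported name (for example a bare ``Popen(...)``)
      are missed when the text ``subprocess`` is not on the same line;
    * a truthy value other than the literal ``True``, or a flag passed
      through a variable or ``**kwargs``, is not detected;
    * any identifier ending in ``shell`` followed by ``=True`` also matches.

    NOTE(review): the parameter name suggests a pycodestyle/flake8-style
    logical-line check -- confirm how the host tool registers it.

    Args:
        logical_line: Source text of one logical line.

    Yields:
        A single ``(0, message)`` tuple when the pattern is present; the
        offset is always 0, i.e. the start of the line.
    """
    # Drop every whitespace character (tabs included, not only spaces) so
    # that "shell = True", "shell\t=\tTrue" and similar spellings all match.
    compact = "".join(logical_line.split())
    if "shell=True" in compact and "subprocess" in compact:
        yield 0, "Security risk: use of shell=True in subprocess call."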