Commit graph

1 commit

Author SHA1 Message Date
Abhijeet Kasurde
e5649ca3e8
pipe: update docs for Popen with shell=True usage (#70596)
pipe lookup plugin uses Popen with shell=True intentionally.
This is considered a security issue if user input is not validated.
Updated docs to reflect this information for the user. Also, added
Bandit B602 documentation link for further reading.

Fixes: #70159

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2020-07-13 21:40:52 +05:30