Showing 885 of 902 total issues
Probable insecure usage of temp file/directory. Open
Open
def make_dir_and_populate(basedir="/tmp"):
- Exclude checks
Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. Open
Open
assert os.path.isdir(tmp_dir), msg
- Exclude checks
Probable insecure usage of temp file/directory. Open
Open
mounted_status_server_socket = "/tmp/.status_server.sock"
- Exclude checks
Probable insecure usage of temp file/directory. Open
Open
runtime_task.task.runnable.uri = os.path.join(
"/tmp", runtime_task.task.runnable.uri
- Exclude checks
Probable insecure usage of temp file/directory. Open
Open
"/tmp/creat_partition" + process.run("date '+%d-%m-%y_%T'").stdout_text.strip()
- Exclude checks
Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. Open
Open
assert 0
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
out = process.run(cmd, ignore_status=True, sudo=True, shell=True).stdout_text
- Exclude checks
Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. Open
Open
assert self.tmpdir is None, "Job.setup() already called"
- Exclude checks
Probable insecure usage of temp file/directory. Open
Open
to = os.path.join("/tmp", asset)
- Exclude checks
The input method in Python 2 will read from standard input, evaluate and run the resulting string as python source code. This is similar, though in many ways worse, then using eval. On Python 2, use raw_input instead, input is safe in Python 3. Open
Open
return input(f"{question} (y/n) ")
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
mpaths = process.run(cmd, ignore_status=True, sudo=True, shell=True).stdout_text
- Exclude checks
Standard pseudo-random generators are not suitable for security/cryptographic purposes. Open
Open
return random.choice([True, True, True, True, False])
- Exclude checks
subprocess call - check for execution of untrusted input. Open
Open
return subprocess.Popen(
[runnable.uri] + list(runnable.args),
stdin=subprocess.DEVNULL,
stdout=stdout,
stderr=stderr,
- Exclude checks
subprocess call - check for execution of untrusted input. Open
Open
process = subprocess.Popen(
cmd,
stdin=subprocess.DEVNULL,
stdout=subprocess.PIPE,
stderr=subprocess.DEVNULL,
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
if not process.run(cmd, shell=True, ignore_status=True):
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
out = process.run(cmd, ignore_status=True, sudo=True, shell=True).stdout_text
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
output = process.run(cmd, ignore_status=True, shell=True).stdout_text
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
if process.system(
f"{self.ndctl} disable-region {name}", shell=True, ignore_status=True
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
if process.system(
f"{self.ndctl} enable-region {name}", shell=True, ignore_status=True
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
process.system(add_cmd, shell=True, sudo=True)
- Exclude checks