shell argument leads to unnecessary privileges

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Metadata

ID: python-security/subprocess-shell-true

Language: Python

Severity: Warning

Category: Security

Description

Never invoke subprocess.Popen with shell = True leads to unnecessary privileges and access to the underlying execution runtime. Execution with shell = True should clearly be verified and checked for code in production.

Learn More

  • CWE-250 - Execution with Unnecessary Privileges
  • CWE-657 - Violation of Secure Design Principles

Non-Compliant Code Examples

import subprocess

def find_dogweb_packages():
    # setuptools.find_packages is too slow since it walks the entire codebase, including Javascript code.
    # This is an equivalent but optimized function, specific to our codebase, listing all the available
    # packages.

    # Look for __init__.py files using fast UNIX tools
    r = subprocess.Popen(
        "find %s -name '__init__.py'" % " ".join(MODULE_PATHS), shell=True, stdout=subprocess.PIPE
    ).stdout.read()

from subprocess import Popen
Popen('/bin/ls %s' % ('something',), shell=True)

import subprocess
subprocess.Popen('/bin/ls %s' % ('something',), shell=True)

Compliant Code Examples

subprocess.Popen('/bin/ls %s' % ('something',), shell=False)
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Analysis

Datadog Code Analysis