Reviewed: https://review.openstack.org/149111
Committed: https://git.openstack.org/cgit/openstack/glance/commit/?id=91f13964838fcd1937b6789f5e72bfd6fee9d440
Submitter: Jenkins
Branch: master

commit 91f13964838fcd1937b6789f5e72bfd6fee9d440
Author: Steve Lewis <stevelle at gmail.com>
Date: Wed Jan 21 17:32:41 2015 -0800

    Eliminate shell param from subprocesses in tests

    Of the calls to execute a subprocess performed in tests, none of them
    require a shell. Test utility method was modified to not use a shell,
    eliminating a discouraged practice.

    Change-Id: If2571ee8f4ea2fdf6e14416d5abe5de275d3a1c4
    Closes-Bug: 1348416

** Changed in: glance
   Status: In Progress => Fix Committed

--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1348416

Title:
  Popen with shell=True

Status in OpenStack Image Registry and Delivery Service (Glance):
  Fix Committed
Status in OpenStack Security Advisories:
  Won't Fix

Bug description:
  Glance uses subprocess.Popen with shell=True in
  glance/tests/unit/test_migrations.py line 175 in function _reset_datases:

      def execute_cmd(cmd=None):
          proc = subprocess.Popen(cmd, stdout=subprocess.PIPE,
                                  stderr=subprocess.STDOUT, shell=True)

  If execute_cmd contains, either accidentally or maliciously, a double
  quote then arbitrary data will be executed. Popen should be called with
  an argument list instead of directly through the shell.

  For more information on subprocess, shell=True and command injection see:
  https://docs.python.org/2/library/subprocess.html#frequently-used-arguments

  Since these are unit tests and the likelihood of malicious input is low
  the severity should also be low.

To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1348416/+subscriptions
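The following is an added illustration of the point the bug report makes, not code from the report, from the Glance tree, or from the fix. It keeps the reported `Popen(cmd, shell=True)` helper next to an argument-list version and feeds both a constructed database name that contains a double quote and a `;`. The "database CLI" is a stand-in (the Python interpreter printing its first argument), the function names and the hostile name are assumptions for the demonstration, and the injection path assumes a POSIX /bin/sh as the shell.

```python
"""Added example: shell=True command injection vs. an argv list (not Glance code)."""
import shlex
import subprocess
import sys

# Stand-in for the real CLI a test helper would drive (mysql, psql, ...):
# it prints its first argument, so we can see exactly what the child received.
PRINT_ARG = "import sys; print(sys.argv[1])"


def execute_cmd_unsafe(cmd):
    """The pattern from the bug report: one string handed to the shell."""
    proc = subprocess.Popen(cmd, stdout=subprocess.PIPE,
                            stderr=subprocess.STDOUT, shell=True)
    out, _ = proc.communicate()
    return proc.returncode, out.decode()


def execute_cmd_safe(argv):
    """The recommended pattern: an argument list and no shell. Every element
    reaches the child verbatim through execve(); quotes and ';' mean nothing."""
    if isinstance(argv, str):
        # A string here would run argv[0] only; refuse instead of guessing.
        raise TypeError("pass an argument list, not a command string")
    proc = subprocess.Popen(argv, stdout=subprocess.PIPE,
                            stderr=subprocess.STDOUT)
    out, _ = proc.communicate()
    return proc.returncode, out.decode()


def reset_database_unsafe(db_name):
    """Interpolating db_name into a shell string is the injectable step."""
    cmd = '%s -c "%s" "%s"' % (shlex.quote(sys.executable), PRINT_ARG, db_name)
    return execute_cmd_unsafe(cmd)


def reset_database_safe(db_name):
    """Same command, built as argv: db_name is one argument, whatever it holds."""
    return execute_cmd_safe([sys.executable, "-c", PRINT_ARG, db_name])


def reset_database_quoted(db_name):
    """If a shell is genuinely required (pipes, globbing), shlex.quote each
    untrusted value. Still the second choice behind an argv list."""
    cmd = "%s -c %s %s" % (shlex.quote(sys.executable),
                           shlex.quote(PRINT_ARG), shlex.quote(db_name))
    return execute_cmd_unsafe(cmd)


# Constructed hostile input: a double quote closes the quoted argument,
# ';' starts an extra command, and a trailing quote keeps the line parseable.
HOSTILE_DB = 'glance"; echo INJECTED; echo "'


def demo():
    """Run the hostile name through all three helpers and summarise."""
    _, out_unsafe = reset_database_unsafe(HOSTILE_DB)
    _, out_safe = reset_database_safe(HOSTILE_DB)
    _, out_quoted = reset_database_quoted(HOSTILE_DB)
    return {
        # shell=True: the injected 'echo INJECTED' ran as its own command
        "unsafe_ran_injected_command": "INJECTED" in out_unsafe.splitlines(),
        # argv list: the child saw the whole hostile string as one argument
        "safe_received_literal_name": out_safe.strip() == HOSTILE_DB,
        # shell + shlex.quote: also literal, but only because every value was quoted
        "quoted_received_literal_name": out_quoted.strip() == HOSTILE_DB,
        "unsafe_output": out_unsafe,
        "safe_output": out_safe,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print("%s -> %r" % (key, value))
```

The `TypeError` guard in `execute_cmd_safe` matters in practice: `Popen("mysql -e ...")` without `shell=True` does not run a shell, it tries to execute a program literally named `mysql -e ...`, so a helper that accepts both forms tends to get a string passed back in later.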