-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update exec-used
documentation
#7039
Comments
What would be the required change: no longer emit |
Yes |
Kind of depends on how "safe" we want to keep these. |
Maybe we could burst the message into "unsafe-exec-used" and "exec-used" ? |
I'm not sure. In the example you gave above I can still |
Being able to raise exception is not the same as being able to read all the env variable and transferring them to a server using |
Try I can write to your system, I can read from your system and then print the contents, I can probably even import |
Well that is convincing. Let's update the doc about |
exec-used
when precautions were takenexec-used
documentation
* Update ``exec--used`` documentation Closes #7039 * Be more explicit about third party plugins Closes #6900 * Document behaviour of config file generators Refs. #7478 Co-authored-by: Mark Byrne <31762852+mbyrnepr2@users.noreply.github.com> Co-authored-by: Pierre Sassoulas <pierre.sassoulas@gmail.com>
Bug description
In the following code, what can be use in
exec
is properly restricted.For example, if Ada is reasonable:
But if she's trying to read all our env variable:
Command used
Pylint output
Expected behavior
No
exec-used
, proper care were taken.Pylint version
The text was updated successfully, but these errors were encountered: