bartbutenaers / node-red-contrib-xterm

A Node-RED node terminal front-end, to execute backend CLI commands
Apache License 2.0

Check if security issues #9

Closed bartbutenaers closed 4 years ago

bartbutenaers commented 4 years ago

Check whether there might be any security issues?
This node has been designed to use the standard Node-RED communication:

But the Security section in the readme page of node-pty shows this:

All processes launched from node-pty will launch at the same permission level of the parent process. Take care particularly when using node-pty inside a server that's accessible on the internet. We recommend launching the pty inside a container to protect your host machine.

Not sure how big this issue is. Because there are currently other ways to execute backend commands, like e.g. the Exec and Daemon nodes ...
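The node-pty note quoted above, turned into a preflight check, as an added example that is not part of the original issue or of the node-red-contrib-xterm code: it reports which user the parent process runs as and whether a container is detected before any pty is spawned. The function names, the container markers (a heuristic that can miss cgroup v2 setups) and the policy of refusing only root on a bare host are assumptions.

```javascript
const fs = require('fs');

// Strings that commonly appear in /proc/1/cgroup inside a container.
// Heuristic (assumption): cgroup v2 containers may show only "0::/".
const CONTAINER_MARKERS = /(docker|kubepods|containerd|libpod|lxc)/i;

// Pure decision function: takes already-collected facts so it can be tested offline.
function assessPtyRisk({ uid, cgroupText, hasDockerEnv }) {
  const inContainer = Boolean(hasDockerEnv) || CONTAINER_MARKERS.test(cgroupText || '');
  const findings = [];
  if (uid === 0) {
    findings.push('parent runs as root: every pty child will be root too');
  }
  if (!inContainer) {
    findings.push('no container detected: pty children act directly on the host');
  }
  // Assumed policy: refuse only the worst case, root on the bare host.
  return { inContainer, findings, allow: !(uid === 0 && !inContainer) };
}

// Collect the facts from the running system (Linux paths; empty elsewhere).
function collectFacts() {
  const read = (p) => {
    try { return fs.readFileSync(p, 'utf8'); } catch (err) { return ''; }
  };
  return {
    uid: typeof process.getuid === 'function' ? process.getuid() : null,
    cgroupText: read('/proc/1/cgroup'),
    hasDockerEnv: fs.existsSync('/.dockerenv'),
  };
}

// Constructed sample inputs, not taken from a real system.
const SAMPLE_HOST_ROOT = { uid: 0, cgroupText: '0::/init.scope\n', hasDockerEnv: false };
const SAMPLE_CONTAINER_USER = {
  uid: 1000,
  cgroupText: '12:pids:/docker/<container-id>\n',
  hasDockerEnv: true,
};

// Stand-alone run: show the verdict for the current process.
console.log(assessPtyRisk(collectFacts()));
```
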

bartbutenaers commented 4 years ago

Julian has added his comments on Discourse. Enough for me to continue ...