Closed fablocke closed 3 years ago
Hi, thank you for this project! I noticed something that is a little bit smelly:
shell=True can lead to a shell injection and should be avoided. https://docs.python.org/3/library/subprocess.html#security-considerations
https://github.com/fsaris/home-assistant-awox/blob/e990f897ca9b41e513e2b88181da8c6b9b3f5856/custom_components/awox/bluetoothctl.py#L19
If I'm not mistaken, this is needed because the process needs to run a command in the shell.
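Added example, not code from the awox project or from either commenter: it contrasts `shell=True` with an argument list in `subprocess`, and shows that a fixed command string can run without a shell. It assumes a POSIX system; `echo` stands in for the real command, and the function names and the sample value are constructed for illustration.

```python
import shlex
import subprocess

# Constructed input: a value outside the program's control, e.g. a device name.
UNTRUSTED = "lamp; echo INJECTED"


def _lines(cmd, **kwargs):
    """Run cmd and return its stdout split into lines."""
    result = subprocess.run(cmd, capture_output=True, text=True, check=True, **kwargs)
    return result.stdout.splitlines()


def run_with_shell(value):
    """Risky form: /bin/sh parses the whole string, so ';' starts a second command."""
    return _lines(f"echo {value}", shell=True)


def run_with_argv(value):
    """Preferred form: no shell is involved; value reaches echo as one argument."""
    return _lines(["echo", value])


def run_with_shell_quoted(value):
    """Fallback when a shell is unavoidable: quote every interpolated value."""
    return _lines(f"echo {shlex.quote(value)}", shell=True)


def run_fixed_without_shell(command):
    """A constant command string needs no shell: split it into argv once."""
    return _lines(shlex.split(command))


if __name__ == "__main__":
    print("shell=True      :", run_with_shell(UNTRUSTED))
    print("argument list   :", run_with_argv(UNTRUSTED))
    print("shell + quote() :", run_with_shell_quoted(UNTRUSTED))
    print("fixed, no shell :", run_fixed_without_shell("echo power on"))
```

A shell is only required for shell features such as pipes, globbing or redirection; a single program with fixed arguments runs the same way from an argument list.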