Security: Python subprocess spawned without shell=True but no input validation, vulnerable to code injection via script names

## Problem

Python backend spawned from Electron main.js without validating script inputs. Shell scripts with malicious names or content could be executed.

---

## Technical Details

**File:** `main.js`
**Line:** 2

```javascript
const { spawn } = require('child_process');
```

Script execution via /api/scripts/run endpoint may not validate script paths.

---

## Recommended Solution

Validate script paths before execution:

```javascript
const path = require('path');
const fs = require('fs');

function validateScriptPath(scriptPath) {
  const resolved = path.resolve(scriptPath);
  const allowed = path.resolve(__dirname, 'scripts');
  
  if (!resolved.startsWith(allowed)) {
    throw new Error('Access denied: path outside allowed directory');
  }
  
  if (!fs.existsSync(resolved)) {
    throw new Error('Script not found');
  }
  
  return resolved;
}
```

---

## Program Template
- [x] GSSoC '26

---

## Suggested Labels
security, command-injection, subprocess, gssoc-eligible
EOF
)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security: Python subprocess spawned without shell=True but no input validation, vulnerable to code injection via script names #205

Problem

Technical Details

Recommended Solution

Program Template

Suggested Labels

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Security: Python subprocess spawned without shell=True but no input validation, vulnerable to code injection via script names #205

Description

Problem

Technical Details

Recommended Solution

Program Template

Suggested Labels

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions