From 9bf7c4070365cf5b28ff933c143b9fb67ee43323 Mon Sep 17 00:00:00 2001
From: jesszzzz <jesszzzz@users.noreply.github.com>
Date: Mon, 15 Jul 2024 10:17:39 -0400
Subject: [PATCH] Remove unnecessary command injection checks in tests

Co-authored-by: Omry Yadan <omry@yadan.net>
---
 .../integration_test_tools/create_integration_test_ami.py   | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/plugins/hydra_ray_launcher/integration_test_tools/create_integration_test_ami.py b/plugins/hydra_ray_launcher/integration_test_tools/create_integration_test_ami.py
index 6352e4ae87..1f5bdc67a7 100644
--- a/plugins/hydra_ray_launcher/integration_test_tools/create_integration_test_ami.py
+++ b/plugins/hydra_ray_launcher/integration_test_tools/create_integration_test_ami.py
@@ -24,12 +24,6 @@
 
 def _run_command(command: str) -> str:
     print(f"{str(datetime.now())} - Running: {command}")
-    # Do some basic validation to avoid injection but it is not exhaustive,
-    # there is still a security risk here!
-    if ";" in command or "||" in command or "&&" in command or ">" in command:
-        raise ValueError(
-            "To avoid possible injection, command cannot contain ; || or &&"
-        )
     output = subprocess.getoutput(command)  # nosec B605
     print(f"{str(datetime.now())} - {output}")
     return output