🛡️ Sentinel: [CRITICAL/HIGH] Fix Local Privilege Escalation / Arbitrary Code Execution risk

[ManupaKDU]

🚨 Severity: CRITICAL
💡 Vulnerability: Unsafe relative command fallback. If the system ping binary was missing from the PATH, PING_PATH fell back to "ping". Executing a relative string allows arbitrary code execution or local privilege escalation if the application is run from a directory containing a malicious executable named ping.
🎯 Impact: An attacker with write access to the current working directory could place a malicious executable named ping, resulting in arbitrary code execution with the permissions of the application.
🔧 Fix: Replaced the fallback logic with a secure failure mechanism. The application now raises a RuntimeError if shutil.which("ping") returns None. Added a corresponding learning entry to .jules/sentinel.md.
✅ Verification: Verified via python3 -m unittest test_testping1.py that existing tests still pass and the application loads cleanly in environments where ping is present.

---

PR created automatically by Jules for task 6476141288132778078 started by @ManupaKDU

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.