diff --git a/back/lib/wg_peer_add b/back/lib/wg_peer_add
index e1a6064..d7cc627 100755
--- a/back/lib/wg_peer_add
+++ b/back/lib/wg_peer_add
@@ -22,8 +22,8 @@ source "${CONFIG_FILE}"
 
 set -x
 # TODO: Fix this to not give NOPASSWD visudo to bash or su
-# https://askubuntu.com/a/1334988/533341
-res="$(sudo bash -c '/usr/bin/wg set "${TLD}" peer "${1}" preshared-key <(printf "${2}\n") allowed-ips "${3}"' )" || (
+# https://askubuntu.com/a/1334988
+res="$(printf '%s\n' "${2}" | sudo /usr/bin/wg set "${TLD}" peer "${1}" preshared-key /dev/stdin allowed-ips "${3}")" || (
 	printf '%s %s\n' "${?}" "${res}" >>"${LOGFILE}"
 	exit 6
 )
diff --git a/back/srv/dashboard/Dockerfile b/back/srv/dashboard/Dockerfile
index 7366266..805ed0c 100644
--- a/back/srv/dashboard/Dockerfile
+++ b/back/srv/dashboard/Dockerfile
@@ -13,7 +13,7 @@ RUN sed -i "s/ServerAdmin .*$/ServerAdmin ${ADMIN_EMAIL}/" \
 	/etc/apache2/sites-available/000-default.conf
 RUN sed -i "s|DocumentRoot .*$|DocumentRoot /var/www/cgi-bin\n\tScriptAlias / /var/www/cgi-bin/index.cgi|" \
 	/etc/apache2/sites-available/000-default.conf
-RUN echo "www-data ALL=(ALL:ALL) NOPASSWD: /bin/bash, /usr/bin/wg, /usr/bin/printf, /usr/bin/openssl" | sudo EDITOR='tee -a' visudo
+RUN echo "www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/wg, /usr/bin/openssl" | sudo EDITOR='tee -a' visudo
 RUN touch /var/local/wgapi_tokens
 RUN chown www-data:www-data /var/local/wgapi_tokens
 EXPOSE ${LISTEN_PORT}