[Python-ideas] Draft PEP on string interpolation
Nikolaus Rath
Nikolaus at rath.org
Tue Aug 25 17:02:39 CEST 2015
On Aug 24 2015, Mike Miller <python-ideas-9N9vo3BbZlHk1uMJSBkQmQ at public.gmane.org> wrote:
> On 08/24/2015 07:05 PM, Nikolaus Rath wrote:
>> How is that compatible with your statement that
>>
>>> This means a billion lines of code using e-strings won't have to care
>>> about them, only a handful of places.
>>
>> Either str(estr) performs interpolation (so billions of lines of code
>> don't have to change, and my custom system()-like call get's an
>> interpolated string as well until I change it to be estr-aware), or it
>> does not (and billions of lines of code will break when they
>> unexpectedly get an estr instead of a str).
>>
>
> Not sure I understand... your system_like() call already accepts
> strings that could be formatted?
I'm talking about someone who has implemented a function (for whatever
reason) that behaves like os.system(). Say something like this (probably
the calls are all wrong because I didn't look them up, but I trust
everyone knows what I mean):
def nonblocking_system(cmd):
if os.fork() == 0:
os.exec('/bin/sh', '-c', cmd)
With this function, people have to be really careful about injection
vulnerabilities - just like with os.system():
os.system('rm %s' % file) # danger!
nonblocking_system('rm %s' % file) # danger!
But now you're proposing that os.system() get's support for e-strings,
which are then properly quoted. Now we have this:
os.system(e'rm {file}') # ok
nonblocking_system(e'rm {file}') # you'd think it's ok, but it's not
I think this is a terrible situation, because you can never be quite
sure where an e-string is ok (because the function is prepared for it),
and where it will act just like a string.
> The estr adds a protection (by escaping variables) that didn't exist
> in the past. It is not removing any protections or best practices.
No, but it muddles the water as to what is good and what is bad
practice. 'rm {file}' has always been bad practice, but with e-strings
e'rm {file}' may or may not be bad practice, depending what you do with
it.
Best,
-Nikolaus
--
GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F
Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F
»Time flies like an arrow, fruit flies like a Banana.«
More information about the Python-ideas
mailing list