Escaping strings to be used in shell commands?
Michael Hudson
mwh21 at cam.ac.uk
Wed Apr 18 14:56:30 EDT 2001
Gabriel Ambuehl <gabriel_ambuehl-py at buz.ch> writes:
> I wonder what is the easiest way to escape user submitted strings so
> I can safely use them in os.system() calls. Limiting the allowed
> chars isn't feasible since I want them to use as safe passwords as
> possible and those generally DO consist of special chars. Any good
> ideas how I could solve this?
Don't use os.system - use os.execv or os.spawnv instead. That way you
don't have to do battle with the Bourne shell's, erm, interesting
quoting rules.
Cheers,
M,
--
The only problem with Microsoft is they just have no taste.
-- Steve Jobs, (From _Triumph of the Nerds_ PBS special)
and quoted by Aahz Maruch on comp.lang.python
More information about the Python-list
mailing list