Snippet: The leanest Popen wrapper
Thomas Rachel
nutznetz-0c1b6768-bfa9-48d5-a470-7603bd3aa915 at spamschutz.glglgl.de
Thu Aug 4 05:25:51 EDT 2011
Am 04.08.2011 10:42 schrieb Chris Rebert:
> I was considering the more general case where one of the strings may
> have come from user input. You then need to also escape
> $looks_like_a_var, `some_command`, and way more other such stuff that
> your simple function doesn't cover.
Even these things are harmless when included in ''s.
$ echo '`rm -rf .`' '$RANDOM'
`rm -rf .` $RANDOM
Thomas
More information about the Python-list
mailing list