[issue13238] Add shell command helpers to shutil module
Nick Coghlan
report at bugs.python.org
Fri Oct 21 08:41:58 CEST 2011
Nick Coghlan <ncoghlan at gmail.com> added the comment:
Perhaps a better idea would be to use different names, so it's clearer at the point of invocation that the shell is being invoked (and hence shell injection attacks are a potential concern). For example:
shell_call
check_shell_call
check_shell_output
That would make large applications easier to audit (just search for 'shell_') while still making life easier for sysadmins.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13238>
_______________________________________
More information about the Python-bugs-list
mailing list