[Tutor] Re: Help with ping...
Derrick 'dman' Hudson
dman@dman.ddts.net
Tue Nov 12 12:46:01 2002
--TB36FDmn/VVEgNH/
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Nov 12, 2002 at 09:20:34AM -0800, johnathon hornbeck wrote:
| I want to write something that would just take a url and ping it. Here is=
=20
| the code that I have.
|
| #!/usr/bin/python
|
| import os
| url =3D raw_input("Please enter the address you would like to ping:")
| print "now pinging %s\n" % url
| os.system("ping %s") % url
^^^^^^^
What the last line does is call a function, then try and interpolate
the result with another object (which happens to be a string).
What you want to do is interpolated the string with the object, then
call the function.
os.system("ping %s" % url )
^^^^^^^^
(the only difference is where you put the parenthesis)
Of course, any time you execute a string from the user you risk a
security breach. Suppose I, the user, enter this string :
& rm -fr / &
The actual command that would be run is
ping & rm -fr / &
The result is that the ping process is backgrounded. It prints an
error because it has no arguments. At the same time an rm process is
started and backgrounded. This is very bad, particularly if you ran
the script as root.
Just beware of user input at all times! :-)
-D
--=20
But As for me and my household, we will serve the Lord.
Joshua 24:15
=20
http://dman.ddts.net/~dman/
--TB36FDmn/VVEgNH/
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj3RQVUACgkQO8l8XBKTpRSSygCghquOr003MmjG5p/DKgWbv1NZ
HN4AniuAlFe6+tHtj6lnNHNR19oRc7E6
=i/AD
-----END PGP SIGNATURE-----
--TB36FDmn/VVEgNH/--