This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author r.david.murray
Recipients Alexander.Belopolsky, Christophe Simonis, brian.curtin, eric.smith, larry, r.david.murray
Date 2010-06-08.11:42:34
SpamBayes Score 0.12495627
Marked as misclassified No
Message-id <1275997357.1.0.0820334208597.issue7839@psf.upfronthosting.co.za>
In-reply-to
Content 
Unless we go the proliferating-interfaces route, it does represent a behavior change, and so if accepted would need to go through a deprecation cycle.  And if we did go that route, it would be a new feature.  So nothing can happen in 2.7, since it is already in the RC stage.

By the way, I did not suggest dropping the shell parameter, I argued against doing that.  The 'security' I referred to is that when you use a shell you are subject to shell-metacharacter-based attacks (and bugs!) if any elements of the command line come from user input and you don't sanitize them.  This problem doesn't exist with shell=False, which is why it is the default.
History
Date User Action Args
2010-06-08 11:42:37r.david.murraysetrecipients: + r.david.murray, larry, eric.smith, Christophe Simonis, brian.curtin, Alexander.Belopolsky
2010-06-08 11:42:37r.david.murraysetmessageid: <1275997357.1.0.0820334208597.issue7839@psf.upfronthosting.co.za>
2010-06-08 11:42:35r.david.murraylinkissue7839 messages
2010-06-08 11:42:34r.david.murraycreate