Message229364
Attached patch modifies the uuid module to not use a shell: it replaces os.popen() with subprocess.Popen on UNIX.
Running a shell is slower and is more vulnerable to code injection.
I only modified code path on UNIX right now. They is still a call to os.popen() on Windows.
Note: The patch works on bytes string instead of Unicode. |
|
Date |
User |
Action |
Args |
2014-10-14 22:35:37 | vstinner | set | recipients:
+ vstinner |
2014-10-14 22:35:37 | vstinner | set | messageid: <1413326137.66.0.946040587589.issue22637@psf.upfronthosting.co.za> |
2014-10-14 22:35:37 | vstinner | link | issue22637 messages |
2014-10-14 22:35:37 | vstinner | create | |
|