This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author pitrou
Recipients alex, cvrebert, eric.araujo, ncoghlan, pitrou
Date 2011-10-21.23:13:22
SpamBayes Score 0.00015836857
Marked as misclassified No
Message-id <>
Hum, in:

return_code = shellcmd.shell_call('ls -l {}', dirname)
listing = shellcmd.check_shell_output('ls -l {}', dirname) do you know that dirname doesn't need some kind of escaping?
This is not only a security issue, but a bug. Even if security doesn't matter on your system, your script will still break and/or do unexpected things.

Also, I don't really understand how your recipe improves things. You're just saving one call to .format(). You would probably have the same saving by using the % operator.
Date User Action Args
2011-10-21 23:13:23pitrousetrecipients: + pitrou, ncoghlan, eric.araujo, alex, cvrebert
2011-10-21 23:13:23pitrousetmessageid: <>
2011-10-21 23:13:23pitroulinkissue13238 messages
2011-10-21 23:13:22pitroucreate