This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients vstinner
Date 2014-10-14.22:32:55
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Attached patch modifies the ctypes.util module to not use a shell: it replaces with subprocess.Popen on Linux.

Running a shell is slower and is more vulnerable to code injection.

I only modified code path on Linux right now. They are still calls to os.popen() on sunos5, freebsd, openbsd and dragonfly.
Date User Action Args
2014-10-14 22:32:55vstinnersetrecipients: + vstinner
2014-10-14 22:32:55vstinnersetmessageid: <>
2014-10-14 22:32:55vstinnerlinkissue22636 messages
2014-10-14 22:32:55vstinnercreate