Author vstinner
Recipients vstinner
Date 2014-10-14.22:32:55
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1413325975.89.0.175884398711.issue22636@psf.upfronthosting.co.za>
In-reply-to
Content
Attached patch modifies the ctypes.util module to not use a shell: it replaces os.open() with subprocess.Popen on Linux.

Running a shell is slower and is more vulnerable to code injection.

I only modified code path on Linux right now. They are still calls to os.popen() on sunos5, freebsd, openbsd and dragonfly.
History
Date User Action Args
2014-10-14 22:32:55vstinnersetrecipients: + vstinner
2014-10-14 22:32:55vstinnersetmessageid: <1413325975.89.0.175884398711.issue22636@psf.upfronthosting.co.za>
2014-10-14 22:32:55vstinnerlinkissue22636 messages
2014-10-14 22:32:55vstinnercreate