Message 249880 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	r.david.murray
Recipients	bhou, paul.moore, r.david.murray, steve.dower, tim.golden, zach.ware
Date	2015-09-05.01:26:17
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1441416377.91.0.787267446616.issue25005@psf.upfronthosting.co.za>
In-reply-to

Content
Thank you for reporting this. I see that the Windows browser class uses shell=True, and that is wrong from a security standpoint. This appears to be a regression from 3.4, introduced by issue 8232. Since this is a security regression there either needs to be a fix or that changeset should be backed out.

Thank you for reporting this.

I see that the Windows browser class uses shell=True, and that is wrong from a security standpoint.

This appears to be a regression from 3.4, introduced by issue 8232.  Since this is a security regression there either needs to be a fix or that changeset should be backed out.

History
Date	User	Action	Args
2015-09-05 01:26:17	r.david.murray	set	recipients: + r.david.murray, paul.moore, tim.golden, zach.ware, steve.dower, bhou
2015-09-05 01:26:17	r.david.murray	set	messageid: <1441416377.91.0.787267446616.issue25005@psf.upfronthosting.co.za>
2015-09-05 01:26:17	r.david.murray	link	issue25005 messages
2015-09-05 01:26:17	r.david.murray	create