Message 318817 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	r.david.murray
Recipients	Matthijs Kooijman, Sworddragon, cheryl.sabella, r.david.murray, roippi, vinay.sajip
Date	2018-06-06.12:59:58
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1528289998.62.0.592728768989.issue22454@psf.upfronthosting.co.za>
In-reply-to

Content
I like it, myself, though there is some danger in promoting the idea that this is a "safe" operation. It theoretically should be, but it increases the attack surface slightly if you actually use it (that is, using shell=False is always safer, by at least a small margin). Maybe a mention of that in the docs would be enough, though.

I like it, myself, though there is some danger in promoting the idea that this is a "safe" operation.  It theoretically should be, but it increases the attack surface slightly if you actually use it (that is, using shell=False is always safer, by at least a small margin).  Maybe a mention of that in the docs would be enough, though.

History
Date	User	Action	Args
2018-06-06 12:59:58	r.david.murray	set	recipients: + r.david.murray, vinay.sajip, Sworddragon, roippi, cheryl.sabella, Matthijs Kooijman
2018-06-06 12:59:58	r.david.murray	set	messageid: <1528289998.62.0.592728768989.issue22454@psf.upfronthosting.co.za>
2018-06-06 12:59:58	r.david.murray	link	issue22454 messages
2018-06-06 12:59:58	r.david.murray	create