Message362333
Thanks very much for getting back to me so quickly, and for identifying the reason for the difference in behavior.
Sorry to harp on a relatively small behavior, but it cost me a few hours and it might cause confusion for others as well.
It still seems like an oversight that the body of a program invoked by `bash -c` would not be quoted. Consider the following two examples:
$ bash -c echo my critical data > file.txt
$ cat file.txt
$ # My data was lost!
Or again in Python:
>>> import subprocess
>>> res1 = subprocess.run(['echo', 'my', 'critical', 'data', '>', 'file.txt'], shell=True, capture_output=True)
>>> res1.returncode
0
>>> exit()
$ cat file.txt
cat: file.txt: No such file or directory
$ # The file is not even created!
I know that the subsequent args are stored as bash arguments to the first executable/quoted program, for example:
$ bash -c 'echo $0' foo
foo
or
>>> res1 = subprocess.run(['echo $0', 'foo'], shell=True, capture_output=True)
>>> res1.stdout
b'foo\n'
However, it seems strange/wrong to invoke an executable via "bash -c executable arg1 arg2", rather than just "executable arg1 arg2"! In other words, the combination of `shell=True` with a sequence of args appears to behave surprisingly/wrong.
---
Here's the only part of the docs I could find that discuss the interaction between `shell=True` and args.:
"""
The shell argument (which defaults to False) specifies whether to use the shell as the program to execute. If shell is True, it is recommended to pass args as a string rather than as a sequence.
"""
I think there are ~2 cases here:
1) If there exist use cases for setting `shell=True` and doing "bash -c my_executable arg2 arg3", then the documentation should say something like the following:
"""
Using `shell=True` invokes the sequence of args via `bash -c`. In this case, the first argument MUST be an executable, and the subsequent arguments will be stored as bash parameters for that executable (`$0`, `$1`, etc).
"""
2) The body of the program invoked with `bash -c` should always be quoted. In this case, there should either be a code fix to quote the body, or a `ValueError` when `shell=True` and args is a sequence.
How does this sound from your perspective? |
|
Date |
User |
Action |
Args |
2020-02-20 17:09:17 | nik-sm | set | recipients:
+ nik-sm, jweese |
2020-02-20 17:09:17 | nik-sm | set | messageid: <1582218557.12.0.939078411221.issue39692@roundup.psfhosted.org> |
2020-02-20 17:09:17 | nik-sm | link | issue39692 messages |
2020-02-20 17:09:16 | nik-sm | create | |
|