Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in

#16353: add function to os module for getting path to default shell

Can't Edit
Can't Publish+Mail
Start Review
7 years, 3 months ago by chris.jerdonek
3 years, 6 months ago
aixtools, eryksun+pybugs
gregory.p.smith, Nick Coghlan, AntoinePitrou, haypo, christian.heimes, ned.deily, ezio.melotti, eric.araujo, r.david.murray, asvetlov, cjerdonek, Charles-Fran├žois Natali, akira, xdegaye, someuniquename_gmail.com, storchaka, eryksun, lyapun, WanderingLogic, Michael.Felt, csabella

Patch Set 1 #

Patch Set 2 #

Patch Set 3 #

Patch Set 4 #

Patch Set 5 #

Patch Set 6 #

Patch Set 7 #

Patch Set 8 #

Total comments: 2
Unified diffs Side-by-side diffs Delta from patch set Stats Patch
Lib/os.py View 1 2 3 4 5 6 7 1 chunk +7 lines, -0 lines 2 comments Download
Modules/posixmodule.c View 1 2 3 4 5 6 7 1 chunk +8 lines, -0 lines 0 comments Download


Total messages: 2
A "naked" cmd.exe has every danger of a naked "sh". https://bugs.python.org/review/16353/diff/17322/Lib/os.py File Lib/os.py (right): https://bugs.python.org/review/16353/diff/17322/Lib/os.py#newcode207 ...
3 years, 6 months ago #1
3 years, 6 months ago #2
File Lib/os.py (right):

Lib/os.py:207: default_shell = 'cmd.exe'
On 2016/07/29 14:40:15, Michael.Felt wrote:
> Has cmd.exe moved around too much to not specify a complete PATH. The
> is merely that someone could break a security model if someone were to insert
> trojan cmd.exe

It should be environ['ComSpec'], for which the default value in Vista+ is the
absolute path to cmd.exe. Nowadays it's rare for systems to use a ComSpec shell
that's not cmd.exe, but if it absolutely must be cmd.exe, then use
path.join(environ['SystemRoot'], 'System32', 'cmd.exe'). The same path works in
a WOW64 process (i.e. a 32-bit program running in 64-bit Windows) because
accessing "System32" gets redirected to "SysWOW64".
Sign in to reply to this message.

RSS Feeds Recent Issues | This issue
This is Rietveld 894c83f36cb7+