Message107316
| Author |
r.david.murray |
| Recipients |
Alexander.Belopolsky, Christophe Simonis, brian.curtin, eric.smith, larry, r.david.murray |
| Date |
2010年06月08日.11:42:34 |
| SpamBayes Score |
0.12495627 |
| Marked as misclassified |
No |
| Message-id |
<1275997357.1.0.0820334208597.issue7839@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
Unless we go the proliferating-interfaces route, it does represent a behavior change, and so if accepted would need to go through a deprecation cycle. And if we did go that route, it would be a new feature. So nothing can happen in 2.7, since it is already in the RC stage.
By the way, I did not suggest dropping the shell parameter, I argued against doing that. The 'security' I referred to is that when you use a shell you are subject to shell-metacharacter-based attacks (and bugs!) if any elements of the command line come from user input and you don't sanitize them. This problem doesn't exist with shell=False, which is why it is the default. |
|