Message115263
| Author |
brandon-rhodes |
| Recipients |
brandon-rhodes, docs@python |
| Date |
2010年08月31日.13:40:11 |
| SpamBayes Score |
2.0951566e-07 |
| Marked as misclassified |
No |
| Message-id |
<1283262014.72.0.527039259842.issue9723@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
The only way to safely build shell command lines from inside of Python — which is necessary when sending commands across SSH, since that behaves like os.system() rather than like subprocess.call() — is to use the wonderful pipes.call() method to turn possibly-dangerous arguments, like filenames that might have spaces, special characters, and embedded "rm -r" calls, into perfectly quoted strings for an "sh"-like shell (say, bash or zsh).
This call is already recommended on mailing lists, blog posts, and Stack Overflow — and since it doesn't start with a "_", I think its public use is fair game. But the "pipes" documentation itself doesn't officially mention or support it. I think it should be added to the Standard Library documentation for "pipes". So. Yeah. |
|
History
|
|---|
| Date |
User |
Action |
Args |
| 2010年08月31日 13:40:14 | brandon-rhodes | set | recipients:
+ brandon-rhodes, docs@python |
| 2010年08月31日 13:40:14 | brandon-rhodes | set | messageid: <1283262014.72.0.527039259842.issue9723@psf.upfronthosting.co.za> |
| 2010年08月31日 13:40:12 | brandon-rhodes | link | issue9723 messages |
| 2010年08月31日 13:40:11 | brandon-rhodes | create |
|