Message146064
| Author |
ncoghlan |
| Recipients |
alex, ncoghlan |
| Date |
2011年10月21日.06:36:57 |
| SpamBayes Score |
1.6569838e-06 |
| Marked as misclassified |
No |
| Message-id |
<1319179018.59.0.387333173739.issue13238@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
And that's exactly the problem - a web developer's or security auditor's "shell injection" is a system administrator's "this language sucks".
These wrappers are the kind of thing you want for shell invocations when using Python as a replacement for a shell script or rewriting something that was originally written in Perl, but they're a terrible idea if anything you're interpolating came from an untrusted data source.
Currently, requiring "shell=True" in the arguments to the subprocess calls is considered a sufficient deterrent against people doing the wrong thing. I'm suggesting that requiring "import shutil" instead of "import subprocess" may be a similarly acceptable compromise that better serves the system administrators that choose to use Python for system automation tasks. |
|
History
|
|---|
| Date |
User |
Action |
Args |
| 2011年10月21日 06:36:58 | ncoghlan | set | recipients:
+ ncoghlan, alex |
| 2011年10月21日 06:36:58 | ncoghlan | set | messageid: <1319179018.59.0.387333173739.issue13238@psf.upfronthosting.co.za> |
| 2011年10月21日 06:36:58 | ncoghlan | link | issue13238 messages |
| 2011年10月21日 06:36:57 | ncoghlan | create |
|