1. Home
2. Questions
3. AI Assist
4. Tags
5. Challenges
6. Chat
7. Articles
8. Users
9. Companies
11. Communities for your favorite technologies. Explore all Collectives
Stack Internal

Stack Overflow for Teams is now called Stack Internal. Bring the best of human thought and AI automation together at your work.
Try for free Learn more
Bring the best of human thought and AI automation together at your work. Learn more

Using cmd line under django server

Ask Question

Asked 5 years, 1 month ago

Modified 5 years, 1 month ago

Viewed 564 times

To make it easier to understand, i will use simple command line as 'ls'

How can i use a command line like 'pwd' or 'ls' into a django server ?

For example, my django server is running 'python manage.py runserver'

And into my code i would like to run a cmd command like 'pwd' and get the output of this command :

@login_required
def history(request):
 list_file = print('ls') #i would like to do 'ls' command
 return render(request, 'history.html')

Is it possible ?

Thank for your help !

Improve this question

asked Nov 24, 2020 at 19:39

Valentin Garreau's user avatar

Valentin Garreau

1,0731 gold badge13 silver badges35 bronze badges

1

You can use subprocess.run (docs.python.org/3/library/subprocess.html#subprocess.run) but beware that this is a security vulnerability. If you give shell access (to some extent), people can try to take over the server.

willeM_ Van Onsem
– willeM_ Van Onsem

2020年11月24日 19:41:35 +00:00
Commented Nov 24, 2020 at 19:41
Ok thank you, that work.

Valentin Garreau
– Valentin Garreau

2020年11月24日 19:57:59 +00:00
Commented Nov 24, 2020 at 19:57
Can you answer the question with your current answer please? I'll mark it as answered :)

Valentin Garreau
– Valentin Garreau

2020年11月25日 16:43:56 +00:00
Commented Nov 25, 2020 at 16:43
answered the question :).

willeM_ Van Onsem
– willeM_ Van Onsem

2020年11月25日 18:06:38 +00:00
Commented Nov 25, 2020 at 18:06

Add a comment |

1 Answer 1

Sorted by: Reset to default

You can make use of subprocess module [python-doc], for example subprocess.run(...) [python-doc].

from subprocess import run, PIPE
@login_required
def history(request):
 result = run('ls', stdout=PIPE)
 response = result.stdout
 return render(request, 'history.html', {'response': response})

You should however be careful not to give shell access to users. If you allow users to run arbitrary commands, they can take over the server, for example by replacing the Django code with some other code, etc. Although commands like ls are (to some extent) innocent, it is easy to exploit a certain feature of a command to gain access.

Improve this answer

answered Nov 25, 2020 at 18:06

willeM_ Van Onsem's user avatar

willeM_ Van Onsem

482k33 gold badges484 silver badges624 bronze badges

Comments

Your Answer

Draft saved

Draft discarded

Sign up or log in

Post as a guest

Name

Required, but never shown

Post as a guest

Name

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.

lang-py

CollectivesTM on Stack Overflow

Using cmd line under django server

1 Answer 1

Comments

Your Answer

Sign up or log in

Post as a guest

Post as a guest

Hot Network Questions

CollectivesTM on Stack Overflow

1 Answer 1

Comments

Your Answer

Sign up or log in

Post as a guest

Post as a guest

Related