[issue7950] subprocess.Popen documentation should contain a good warning about the security implications when using shell=True
R. David Murray
report at bugs.python.org
Wed Aug 11 04:14:23 CEST 2010
R. David Murray <rdmurray at bitdance.com> added the comment:
Chris, thank you for the patch, sorry I didn't acknowledge it earlier. I think the core of the patch is good, though I will probably drop the text starting from "To safely use..." when I get time to apply it. I will also add a note along the lines of "this applies also to Windows, although the details of the exploits differ".
I would like input from others as to whether this should indeed be a red warning box, or is adequate as a note. We try to minimize the number of red boxes, but this may well be an appropriate case for one (I'm leaning that way myself).
assignee: georg.brandl -> docs at python
nosy: +docs at python
stage: needs patch -> patch review
Python tracker <report at bugs.python.org>
More information about the Python-bugs-list