Éric Araujo <merwok@netwok.org> added the comment: Looks good to me, except the last two lines which I would reword or just remove. I wonder how many people use shell=True merely for the convenience of passing a string instead of a list. What do you think about adding a mention of str.split and shlex.split? ---------- nosy: +eric.araujo type: security -> behavior versions: -Python 2.6 _______________________________________ Python tracker <report@bugs.python.org> <http://bugs.python.org/issue7950> _______________________________________