[New-bugs-announce] [issue21557] os.popen & os.system lack shell-related security warnings
Chris Rebert
report at bugs.python.org
Thu May 22 23:33:48 CEST 2014
New submission from Chris Rebert:
Since these functions run shell commands, which is a common vector for security-related bugs (see
* http://cwe.mitre.org/data/definitions/78.html
* http://cwe.mitre.org/data/definitions/88.html
), I suggest that they should have security warning boxes analogous to the one for the `subprocess` module:
https://docs.python.org/2/library/subprocess.html#frequently-used-arguments
----------
assignee: docs at python
components: Documentation
messages: 218921
nosy: cvrebert, docs at python
priority: normal
severity: normal
status: open
title: os.popen & os.system lack shell-related security warnings
versions: Python 2.7, Python 3.5
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue21557>
_______________________________________
More information about the New-bugs-announce
mailing list