[issue24778] mailcap.findmatch: document shell command Injection danger in filename parameter
Bernd Dietzel
report at bugs.python.org
Wed Aug 5 22:26:43 CEST 2015
Bernd Dietzel added the comment:
Thanks :-)
As you may noticed i now choosed to use a random name made of the chars of "PYTHON" in BIG letters instead of small letters i used before.
Thats because i do not want to get in trouble with the little "t" in %t wich is replaced by the subst function too.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue24778>
_______________________________________
More information about the Python-bugs-list
mailing list