[Python-Dev] test_popen broken on Win2K
Sun, 9 Mar 2003 22:24:37 +0100
On vrijdag, maa 7, 2003, at 22:48 Europe/Amsterdam, Thomas Heller wrote:
> In distutils we had a similar problem. I don't remember the details
> at the moment exactly, but I think enclosing sys.executable in double
> quotes *only* when it contains spaces should do the trick.
But only spaces may not be good enough. What I think we really want is
that makes any string safe for popen/exec/shell script (or raises an
exception if it
can't be done?). As this function will have to be platform-specific it
would be a suitable place for it.
Or would this give a false sense of security to people who write cgi
or something and then suddenly get hit by an IFS hack or similar trick?
- Jack Jansen <Jack.Jansen@oratrix.com>
- If I can't dance I don't want to be part of your revolution -- Emma