[Python-Dev] test_popen broken on Win2K

Jack Jansen Jack.Jansen@oratrix.com
Sun, 9 Mar 2003 22:24:37 +0100

On vrijdag, maa 7, 2003, at 22:48 Europe/Amsterdam, Thomas Heller wrote:
> In distutils we had a similar problem. I don't remember the details
> at the moment exactly, but I think enclosing sys.executable in double
> quotes *only* when it contains spaces should do the trick.

But only spaces may not be good enough. What I think we really want is 
a function
that makes any string safe for popen/exec/shell script (or raises an 
exception if it
can't be done?). As this function will have to be platform-specific it 
seems os.path
would be a suitable place for it.

Or would this give a false sense of security to people who write cgi 
or something and then suddenly get hit by an IFS hack or similar trick?
- Jack Jansen        <Jack.Jansen@oratrix.com>        
http://www.cwi.nl/~jack -
- If I can't dance I don't want to be part of your revolution -- Emma 
Goldman -