[Python-ideas] Add __main__ for uuid, random and urandom
Wes Turner
wes.turner at gmail.com
Mon Apr 18 15:20:47 EDT 2016
On Apr 18, 2016 12:36 PM, "Wes Turner" <wes.turner at gmail.com> wrote:
>
>
> On Apr 18, 2016 12:30 PM, "Wes Turner" <wes.turner at gmail.com> wrote:
>
> > >
> > > I think the users of oneline.py could be people that now write lots of
> > > bash scripts and work on the command line. So whenever someone asks a
> > > question somewhere about how to do X on the linux command line, we
> > > might have the answer: """
> > >
> > > Q: On the linux commandline, how do I get only the filename from a
> > > full path that is in $FILEPATH
> > >
> > > A: Python has this. You can use the tools in os.path:
> > >
> > > Filename:
> > > $ oneline.py "os.path.basename('$FILEPATH')"
> > >
> > > Path to directory:
> > > $ oneline.py "os.path.dirname('$FILEPATH')"
> > > """
> >
> > FILEPATH='for'"example');"'subprocess.call("cat /etc/passwd",
shell=True)'
>
> sys.argv[1] (IFS=' ')
> stdin (~IFS=$'\n')
>
> ...
>
> * https://github.com/westurner/dotfiles/blob/develop/scripts/el
>
> * https://github.com/westurner/pyline/blob/master/pyline/pyline.py
(considering adding an argument (in addition to the existing -m) for
importlib.import_module))
another thing worth mentioning is that
`ls` prints '?' for certain characters in filenames (e.g. newlines $'\n')
so, | pipes with ls and xargs are bad/wrong/unsafe:
e.g.
$ touch 'file'$'\n''name'
$ ls 'file'* | xargs stat #ERR
$ find . -maxdepth 1 -name 'file*' | xargs stat #ERRless unsafe (?):
>> [x for x in os.listdir('.') if x.startswith('file')] # ['file\nname']
$ find . -maxdepth 1 -name 'file*' -print0 | xargs -0 stat
...
* "CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')"
https://cwe.mitre.org/data/definitions/93.html
* CWE-78: Improper Neutralization of Special Elements used in an OS Command
('OS Command Injection') https://cwe.mitre.org/data/definitions/78.html
> >
> > >
> > > This might be more appealing than python -c. The whole point is to
> > > make Python's power available and visible for a larger audience.
> > >
> > > -Koos
> > > _______________________________________________
> > > Python-ideas mailing list
> > > Python-ideas at python.org
> > > https://mail.python.org/mailman/listinfo/python-ideas
> > > Code of Conduct: http://python.org/psf/codeofconduct/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ideas/attachments/20160418/a9bd4eae/attachment.html>
More information about the Python-ideas
mailing list