quinn at euro.ugcs.caltech.edu
Wed Apr 19 19:56:03 CEST 2000
On 18 Apr 2000 16:30:13 GMT, Donn Cave <donn at u.washington.edu> wrote:
>Quoth Martin von Loewis <loewis at informatik.hu-berlin.de>:
>| quinn at zloty.ugcs.caltech.edu (Quinn Dunkan) writes:
>| > Or perhaps there's a better way to do the (common) thing I'm trying
>| > to do: clean the environment to insure some minimum sane values. I
>| > can't make a copy of the environ and then pass to execve() since
>| > that doesn't help much for popen and system.
>| You could implement popen and system yourself, starting from popen2
>| (for example).
>That may sound like the re-invention of the wheel, but there are
>other improvements that can be made at the same time:
> - eliminate system()'s sh -c 'shell command', which can be a
> security liability in some situations. The shell can do
> some really useful things, but if you don't need those things
> you should be able to pass in an argv sequence and skip sh.
I do need the shell's useful things, and the system() commands are constants,
so things should be pretty bulletproof as long as the environment is also
constant, right? But it *would* be useful to have a spawn() or run() or
something builtin which does a proper vfork/exec with no subshell involved. I
often find myself writing one of those.
> - Raise exception on exit status, complete with error output as
> exception value. A bit of a pain to implement, and again not
> not always the right thing to do, but usually it is the right
I don't understand... are you saying the close() method should throw the
exception? What's wrong with just checking it's return value normally? How
is a child you started exiting exceptional? And if the child has been started
asynchronously, do you mean throw an exception from the SIGCHLD handler, or
I wound up just writing unsetenv(), and then setenviron() which sets the
environ to a given dict.
More information about the Python-list