subprocess escaping POpen?!

Ryan Kelly ryan at rfk.id.au
Thu Aug 5 14:11:05 CEST 2010


On Thu, 2010-08-05 at 12:58 +0100, Chris Withers wrote:
> Jean-Michel Pichavant wrote:
> > You did not redirect stdin, so it is expected you can still read input 
> > from the console. 
> 
> Okay, so if I definitely wanted no input, what should I pass as the 
> stdin parameter to the POpen constructor?

The cross-platform equivalent of /dev/null:

   Popen(...,stdin=open(os.devnull,"r")...)

> > And it looks like svn is writting the credentials 
> > prompt on stderr.
> 
> ...which, as you can see from the code I posted, is piped to STDOUT, 
> which is then PIPE'd through to the calling python so that 
> communicate()'s return value will contain the output.
> 
> As I explained, I can't reproduce this by replacing svn with a simple 
> python script that writes to stderr. So, what is svn doing?

Many programs prompt for auth credentials on the controlling tty instead
of standard input/output.  I believe SSH also does this, which suggests
that it's considered more secure.  No idea why, but I trust the authors
of SSH to know their stuff in this regard.


  Cheers,

     Ryan
-- 
Ryan Kelly
http://www.rfk.id.au  |  This message is digitally signed. Please visit
ryan at rfk.id.au        |  http://www.rfk.id.au/ramblings/gpg/ for details





More information about the Python-list mailing list