Snippet: The leanest Popen wrapper

Thomas Rachel nutznetz-0c1b6768-bfa9-48d5-a470-7603bd3aa915 at
Thu Aug 4 05:25:51 EDT 2011

Am 04.08.2011 10:42 schrieb Chris Rebert:

> I was considering the more general case where one of the strings may
> have come from user input. You then need to also escape
> $looks_like_a_var, `some_command`, and way more other such stuff that
> your simple function doesn't cover.

Even these things are harmless when included in ''s.

$ echo '`rm -rf .`' '$RANDOM'
`rm -rf .` $RANDOM


More information about the Python-list mailing list