python 2.7.12 on Linux behaving differently than on Windows

Chris Angelico rosuav at gmail.com
Mon Dec 5 12:35:09 EST 2016


On Tue, Dec 6, 2016 at 4:23 AM, Marko Rauhamaa <marko at pacujo.net> wrote:
> Chris Angelico <rosuav at gmail.com>:
>
>> On Tue, Dec 6, 2016 at 3:53 AM, Marko Rauhamaa <marko at pacujo.net> wrote:
>>> In recent years, I've been disillusioned with bash and started using
>>> Python more and more where I would previously have used bash.
>>> Python's explicit syntax does automatically give you a level of
>>> security, but I must say the subprocess.Popen.communicate syntax is
>>> painful as hell. Your traditional one-liners turn into five-liners,
>>> and a casual observer will have a slightly hard time understanding
>>> what's going on.
>>
>> Congratulations. You've just discovered why bash is useful.
>
> Bash is nice, too nice. It makes it easy to write code that's riddled
> with security holes. The glorious Unix tradition is to ignore the
> pitfalls and forge ahead come what may.

Bash assumes that the person typing commands has the full power to
execute commands. I'm not sure what you mean by "security holes",
unless it's passing text through bash that came from people who aren't
allowed to type commands.

ChrisA


More information about the Python-list mailing list