this post was submitted on 07 Jun 2023
[–] CosmicGiraffe@lemmy.world 4 points 1 year ago (1 children)

e.g. shell=True allows you to pass the command as a single string

Don't do this. As the article says, it's much better to split the string using shlex and avoid the risk of shell injection vulnerabilities.

[–] perpetualmaniac@lemmy.ml 2 points 1 year ago

It's fine for the majority of cases. Shell vulnerabilities exist when you take in user input. If it's a personal project or you are composing the string to pass to the shell without user input then it's perfectly fine.
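An added example, not code from the thread or the linked article, showing what changes between `shell=True` and an argument list when a value from outside is placed in the command. It assumes a POSIX system with `sh` and `echo`; the function names and the sample input are invented for the illustration.

```python
import shlex
import subprocess

# Constructed input standing in for a file name that came from outside the program.
UNTRUSTED = "report.txt; echo INJECTED"


def run_lines(cmd, **kwargs):
    """Run cmd and return its stdout as a list of lines."""
    done = subprocess.run(cmd, capture_output=True, text=True, check=True, **kwargs)
    return done.stdout.splitlines()


def via_shell(name):
    # Risky pattern: sh parses the whole string, so ';' starts a second command.
    return run_lines(f"echo checking {name}", shell=True)


def via_shell_quoted(name):
    # If a shell is really needed, shlex.quote() turns the value into one shell word.
    return run_lines(f"echo checking {shlex.quote(name)}", shell=True)


def argv_split_whole(name):
    # No shell runs, but splitting the combined string still lets the value
    # add extra arguments (whitespace in the input becomes argv boundaries).
    return shlex.split(f"echo checking {name}")


def argv_fixed_plus_value(name):
    # Split only the fixed command text; pass the value as exactly one argv element.
    return shlex.split("echo checking") + [name]


if __name__ == "__main__":
    print("shell=True        :", via_shell(UNTRUSTED))
    print("shell + quote()   :", via_shell_quoted(UNTRUSTED))
    print("split whole string:", argv_split_whole(UNTRUSTED))
    print("fixed + value     :", run_lines(argv_fixed_plus_value(UNTRUSTED)))
```

With a command string built only from constants, the first and last forms behave the same; they diverge once a value the program did not write itself is interpolated.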
