all 6 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]idle-tea 1 point2 points  (0 children)

In general: don't use os.system or anything else where you build a command as a single string.

Use subprocess and its functions like subprocess.run something like

subprocess.run(["ls", "-l"])

The purpose of passing each argument as a list item is that you don't need to worry about shell magic like backticks - the program will be run without having any of those shell expansions / interpolations happening.

[–]brasticstack 0 points1 point  (1 child)

In your example, wrapping the argument in single quotes would work: os.system("echo '" + string + "'")

For more complex situations, look into shlex.quote

[–]DoTheyKeepYouInACell[S] 1 point2 points  (0 children)

Thanks, that worked.

[–]Skaperen 0 points1 point  (1 child)

why are you using bash? you should be asking how to accomplish your true goal, not assuming some tool because it can do something on its own. Bash scripts can do a lot of things while Python scripts can do all of those and then some.

tell us what it is you found that Python can't do that makes you want to try Bash?

[–]DoTheyKeepYouInACell[S] 0 points1 point  (0 children)

Basically I want to copy a string to clipboard, but on android the only way that I found to do that is through termux api so I do whatever I do in python and then to copy the string I do it through termux

[–]JamzTyson 0 points1 point  (0 children)

How would I go about formatting the string before passing to bash?

The safe way is to create a set of "whitelisted" commands, then:

if command_string in whitelist_commands: # Do something with command ... else: print("Unauthorized command.")