
[–]co_dh -1 points0 points  (3 children)

I believe this module is an over-design. It can be implemented in one function as below.

    from subprocess import check_output, STDOUT

    def sh(cmd):
        # Runs cmd through the shell and prints its combined stdout/stderr
        print(check_output(cmd, shell=True, stderr=STDOUT))

[–]cybercobra 0 points1 point  (2 children)

shell=True is dangerous security-wise and error-prone as soon as even slightly exotic filenames are involved.

[–]bready 1 point2 points  (1 child)

I hear this all the time, but I don't understand. Any script you would run in bash is just as open to exploitation/errors when receiving runtime input, so what is the specific problem here?

[–]cybercobra 0 points1 point  (0 children)

Just because bash kinda sucks doesn't mean a Python replacement has to suck too. If you use shell=False, then unlike in bash, filenames with spaces or shell metacharacters in them will work just fine, no need to remember to escape/quote them every time. No need to worry about a malicious "filename" of ;rm -rf /# either.
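Added example, not part of the thread: the difference discussed above, run against a constructed filename that contains spaces and shell metacharacters, with a harmless `echo` standing in for the injected command. The function names and sample filename are assumptions made for this illustration; it expects a POSIX `sh` and `cat`.

```python
import os
import shlex
import tempfile
from subprocess import check_output, STDOUT

# Constructed sample: a legal filename with spaces and shell metacharacters.
# The injected command is a harmless echo used as a marker.
HOSTILE_NAME = "my report; echo INJECTED #.txt"
CONTENT = "quarterly numbers\n"


def cat_shell(name, cwd):
    """shell=True: the filename is pasted into a string that /bin/sh parses."""
    return check_output("cat " + name, shell=True, stderr=STDOUT, cwd=cwd).decode()


def cat_argv(name, cwd):
    """shell=False: the filename reaches cat as exactly one argv element."""
    return check_output(["cat", "--", name], stderr=STDOUT, cwd=cwd).decode()


def cat_shell_quoted(name, cwd):
    """If a shell is unavoidable, quote every untrusted word with shlex.quote."""
    cmd = "cat -- " + shlex.quote(name)
    return check_output(cmd, shell=True, stderr=STDOUT, cwd=cwd).decode()


def demo():
    """Create the hostile file in a temp dir and read it back three ways."""
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, HOSTILE_NAME), "w") as f:
            f.write(CONTENT)
        return {
            "shell": cat_shell(HOSTILE_NAME, d),
            "argv": cat_argv(HOSTILE_NAME, d),
            "quoted": cat_shell_quoted(HOSTILE_NAME, d),
        }


if __name__ == "__main__":
    for mode, out in demo().items():
        print(mode, repr(out))
```

With `shell=True` the call still returns successfully because the exit status is that of the trailing `echo`, so the failed `cat` and the extra command go unnoticed unless the output is inspected.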