Nick Coghlan <ncogh...@gmail.com> added the comment: Perhaps a better idea would be to use different names, so it's clearer at the point of invocation that the shell is being invoked (and hence shell injection attacks are a potential concern). For example:
shell_call check_shell_call check_shell_output That would make large applications easier to audit (just search for 'shell_') while still making life easier for sysadmins. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13238> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
