STINNER Victor <vstin...@redhat.com> added the comment:
This issue lacks a lot of information: * What is your operating system (name and version)? On Linux, what is your Linux kernel version? * Which Python version did you try? * Which command are you running? * Do you use a shell? * Do you use bytes (default) or Unicode (universal_newlines=True or text=True)? * Can you provide a minimum reproducer? I don't know how to use msg349894: cmd is not defined. Attached 1.py uses 2 commands, appararently both use a shell: * "find /usr/bin -type f 2>/dev/null" * "objdump '%s'" "objdump '%s'" is unsafe and can lead to shell injection: try to avoid the usage of a shell. Use subprocess.Popen directly, or an helper which doesn't use shell=True. ---------- nosy: +vstinner _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue37790> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com