On Mon, Sep 1, 2014 at 6:46 PM, Cameron Simpson <c...@zip.com.au> wrote: > Not really. If the arguments are coming in from the command line, someone (a > user, even if that user is the programmer) typed them. Even if not > malicious, they can still be mistaken. Or just unfortunate.
I'm guessing that what he means is that the example posted here used sys.argv but his actual code doesn't. It's still important to *understand* shell=True, but it can be perfectly safe to use it. ChrisA -- https://mail.python.org/mailman/listinfo/python-list
