On Mon, Feb 23, 2015 at 11:13 PM, Robert Clove <cloverob...@gmail.com> wrote:
> proc1=subprocess.Popen("/root/Desktop/abc.py","64","abc",shell=True,stdout=subprocess.PIPE,
> stderr=subprocess.PIPE)As others have said, you need to use either a single command or a list of strings. But why are you using shell=True here? You appear to be invoking one single script, and not needing shell features at all. Additionally, it seems highly likely that you're running this as root (the /root directory is usually the root user's home dir, and is readable by nobody else), so any sort of shell injection exploit could easily result in an attacker getting full root access to your box. I strongly suggest using shell=False here. ChrisA -- https://mail.python.org/mailman/listinfo/python-list
