On Tue, Dec 6, 2016 at 4:23 AM, Marko Rauhamaa <ma...@pacujo.net> wrote: > Chris Angelico <ros...@gmail.com>: > >> On Tue, Dec 6, 2016 at 3:53 AM, Marko Rauhamaa <ma...@pacujo.net> wrote: >>> In recent years, I've been disillusioned with bash and started using >>> Python more and more where I would previously have used bash. >>> Python's explicit syntax does automatically give you a level of >>> security, but I must say the subprocess.Popen.communicate syntax is >>> painful as hell. Your traditional one-liners turn into five-liners, >>> and a casual observer will have a slightly hard time understanding >>> what's going on. >> >> Congratulations. You've just discovered why bash is useful. > > Bash is nice, too nice. It makes it easy to write code that's riddled > with security holes. The glorious Unix tradition is to ignore the > pitfalls and forge ahead come what may.
Bash assumes that the person typing commands has the full power to execute commands. I'm not sure what you mean by "security holes", unless it's passing text through bash that came from people who aren't allowed to type commands. ChrisA -- https://mail.python.org/mailman/listinfo/python-list
