traverseda
/
cpython
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Backport from 3.2: Fix placement of shell=True warning in subprocess.Popen() docs.

This commit is contained in:
Chris Jerdonek 2012-10-10 22:58:57 -07:00
parent 2a6672b100
commit 1e65159b34
1 changed files with 8 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
Doc/library/subprocess.rst
View File

@ -243,8 +243,8 @@ default values. The arguments that are most commonly needed are:
untrusted source makes a program vulnerable to `shell injection untrusted source makes a program vulnerable to `shell injection
<http://en.wikipedia.org/wiki/Shell_injection#Shell_injection>`_, <http://en.wikipedia.org/wiki/Shell_injection#Shell_injection>`_,
a serious security flaw which can result in arbitrary command execution. a serious security flaw which can result in arbitrary command execution.
For this reason, the use of *shell=True* is **strongly discouraged** in cases For this reason, the use of ``shell=True`` is **strongly discouraged**
where the command string is constructed from external input:: in cases where the command string is constructed from external input::
>>> from subprocess import call >>> from subprocess import call
>>> filename = input("What file would you like to display?\n") >>> filename = input("What file would you like to display?\n")
@ -334,6 +334,12 @@ functions.
into the shell (e.g. :command:`dir` or :command:`copy`). You do not need into the shell (e.g. :command:`dir` or :command:`copy`). You do not need
``shell=True`` to run a batch file or console-based executable. ``shell=True`` to run a batch file or console-based executable.
.. warning::
Passing ``shell=True`` can be a security hazard if combined with
untrusted input. See the warning under :ref:`frequently-used-arguments`
for details.
*bufsize*, if given, has the same meaning as the corresponding argument to the *bufsize*, if given, has the same meaning as the corresponding argument to the
built-in open() function: :const:`0` means unbuffered, :const:`1` means line built-in open() function: :const:`0` means unbuffered, :const:`1` means line
buffered, any other positive value means use a buffer of (approximately) that buffered, any other positive value means use a buffer of (approximately) that
@ -375,15 +381,6 @@ functions.
child process. Note that on Windows, you cannot set *close_fds* to true and child process. Note that on Windows, you cannot set *close_fds* to true and
also redirect the standard handles by setting *stdin*, *stdout* or *stderr*. also redirect the standard handles by setting *stdin*, *stdout* or *stderr*.
If *shell* is :const:`True`, the specified command will be executed through the
shell.
.. warning::
Enabling this option can be a security hazard if combined with untrusted
input. See the warning under :ref:`frequently-used-arguments`
for details.
If *cwd* is not ``None``, the child's current directory will be changed to *cwd* If *cwd* is not ``None``, the child's current directory will be changed to *cwd*
before it is executed. Note that this directory is not considered when before it is executed. Note that this directory is not considered when
searching the executable, so you can't specify the program's path relative to searching the executable, so you can't specify the program's path relative to