"Simon 'corecode' Schubert" wrote: >echo * | xargs rm, like find . -type f | xargs rm can be exploited, >because xargs treats every whitespace as a separation character.
Like most unix programs and shell commands. Yet another reason to do these things in python. When Oliver talked of security implications I thought of race attacks, it didn't occur to me that the shell's commandline expansion is itself a source of an attack (like creating a file called "-r") even though I've been bitten by such things. Another thing that has bitten me is trying to remove all my config files/directories, that begin with a ".", thusly rm -rf .* Luckily I had backups. This thread caused me to google a bit and I found ipython: http://ipython.scipy.org/ and I've just picked my jaw off the floor. It has everything I'm looking for -- full access to the python interpreter AND full access to the shell. All the best features of shells like bash, the regular python interactive interpreter, and programs like Mathematica. In fact it has a "shell mode" that should, in principle, work as a regular command shell. Time to start exploring. Rahul