On Thu, Jun 12, 2014 at 10:00 AM, anatoly techtonik <techto...@gmail.com> wrote: > I thought exactly about that. Usually separate arguments are used to avoid > problems with escaping of quotes and other stuff. > > I'd deprecate subprocess and split it into separate modules. One is about > shell execution and another one is for secure process control.
ISTM what you want is not shell=True, but a separate function that follows the system policy for translating a command name into a path-to-binary. That's something that, AFAIK, doesn't currently exist in the Python 2 stdlib, but Python 3 has shutil.which(). If there's a PyPI backport of that for Py2, you should be able to use that to figure out the command name, and then avoid shell=False. ChrisA _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
