Hi "Nobody" and Hans,
I really appreciate you all sharing this insight with me.
> You might think that os.path.expanduser
> would never expand '~' to something containing a double quote,
> but you'd be wrong:
> >>> import os
> >>> os.environ['HOME'] = 'gotcha!"; rm -rf '
> >>> print(os.path.expanduser('~/Desktop/IN/Test/'))
> gotcha!"; rm -rf /Desktop/IN/Test/
>
> It's easy and safer to avoid using 'shell=True' option:
>
> cmd = ['ditto', '-vV', p1, p2]
> v = subprocess.check_output(cmd, shell=False)
I would have never thought about this, and this could definitely
give me problems. Thank you for this advice!
Again, thank you both for the examples and deeper understanding
of how subprocess works. I will definitely start passing a list
as the first argument as well as updating my older code to do
the same.
Jay
--
http://mail.python.org/mailman/listinfo/python-list
