On Tue, Nov 14, 2017, 1:53 AM Panupat Chongstitwattana <[email protected]> wrote:
> Thank you Justin! You're right env.dic was my mistake. > > Is the security risk a thing we should be concerned in a studio > environment? Im trying to set up a system that would load the correct > version of plug-ins for each project by launching Maya with custom Env. > It's only a concern if you generate your shell command based on arbitrary user input. And example is reading some kind of string from the command line flags and building that into your Popen command. If you are purely building the command internally and you aren't basing the command off of aliases or environment variables then its less of a risk. It's also less of a risk if it's not a privileged process. Why do you specifically need shell=True anyways? What does your command look like? If you are just building a single command to launch Maya under an env, and this program is just a bootstrap to launch Maya, then maybe what you want is on of the os.exec* functions, to exec a new program and replace the current one. > -- > You received this message because you are subscribed to the Google Groups > "Python Programming for Autodesk Maya" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/python_inside_maya/8efde786-eeed-48b4-bd03-51419ba44b87%40googlegroups.com > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Python Programming for Autodesk Maya" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/python_inside_maya/CAPGFgA3YyFhTe_pcq0Zq7wtn8prcfOrFxn5g_7yDqAAx7R%2B_Tw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
