[issue21557] os.popen & os.system lack shell-related security warnings

2015-02-12 Thread Demian Brecht
Changes by Demian Brecht: -- nosy: -demian.brecht

[issue21557] os.popen & os.system lack shell-related security warnings

2014-12-05 Thread STINNER Victor
STINNER Victor added the comment: subprocess.getstatusoutput(cmd) also needs this note (or warning).

[issue21557] os.popen & os.system lack shell-related security warnings

2014-12-05 Thread STINNER Victor
STINNER Victor added the comment: Python 3.5 doc has no red warning in the subprocess module, but a nice section: https://docs.python.org/dev/library/subprocess.html#security-considerations Why not simply copy the note of the subprocess doc? "Note: Read the Security Considerations section bef

[issue21557] os.popen & os.system lack shell-related security warnings

2014-12-05 Thread STINNER Victor
Changes by STINNER Victor: -- nosy: +haypo

[issue21557] os.popen & os.system lack shell-related security warnings

2014-12-03 Thread R. David Murray
R. David Murray added the comment: Since Raymond is the person who tends to object most strongly to warning boxes in the docs, let's get his opinion on this. I'm not sure that the warning box is necessary, the text may be sufficient. On the other hand, this *is* a significant insecurity vect

[issue21557] os.popen & os.system lack shell-related security warnings

2014-12-03 Thread Demian Brecht
Demian Brecht added the comment: After discussion in Rietveld, the patch looks good to me.

[issue21557] os.popen & os.system lack shell-related security warnings

2014-12-01 Thread Demian Brecht
Demian Brecht added the comment: Left a comment in Rietveld. -- nosy: +demian.brecht

[issue21557] os.popen & os.system lack shell-related security warnings

2014-12-01 Thread Chris Rebert
Chris Rebert added the comment: Here is a patch that adds the necessary warnings from issue 7950. Please review it when you get a chance. -- keywords: +patch Added file: http://bugs.python.org/file37338/fix-21557.patch

[issue21557] os.popen & os.system lack shell-related security warnings

2014-05-22 Thread Chris Rebert
New submission from Chris Rebert: Since these functions run shell commands, which is a common vector for security-related bugs (see * http://cwe.mitre.org/data/definitions/78.html * http://cwe.mitre.org/data/definitions/88.html ), I suggest that they should have security warning boxes analogous