The Right Way to Run Shell Commands From Python | Martin Heinz

jnovinger@lemmy.ml · 1 year ago

The Right Way to Run Shell Commands From Python | Martin Heinz

CosmicGiraffe@lemmy.world · 1 year ago

e.g. shell=True allows you to pass the command as a single string

Don’t do this. As the article says its much better to split the string using shlex and avoid the risk of shell injection vulnerabilities.

perpetualmaniac@lemmy.ml · 1 year ago

It’s fine for the majority of cases. Shell vulnerabilities exist when you take in user input. If it’s a personal project or you are composing the string to pass to the shell without user input then it’s perfectly fine.

The Right Way to Run Shell Commands From Python | Martin Heinz

The Right Way to Run Shell Commands From Python | Martin Heinz

The Right Way to Run Shell Commands From Python | Martin Heinz | Personal Website & Blog