New submission from Chris Rebert:

Since these functions run shell commands, which is a common vector for 
security-related bugs (see
* http://cwe.mitre.org/data/definitions/78.html
* http://cwe.mitre.org/data/definitions/88.html
), I suggest that they should have security warning boxes analogous to the one 
for the `subprocess` module:
https://docs.python.org/2/library/subprocess.html#frequently-used-arguments

----------
assignee: docs@python
components: Documentation
messages: 218921
nosy: cvrebert, docs@python
priority: normal
severity: normal
status: open
title: os.popen & os.system lack shell-related security warnings
versions: Python 2.7, Python 3.5

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue21557>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Reply via email to