On 11/26/2014 09:09 AM, Chris Angelico wrote:
On Thu, Nov 27, 2014 at 2:07 AM, Chris Angelico <ros...@gmail.com> wrote:
I was searching the ol' memory banks, trying to figure out if there
was some way to tell the internal 'echo' command to use slash instead
of dash (maybe for DOS/Windows people??), in which case that would be
parsed as "echo -- hello" and would indeed simply echo "hello".
Speaking of which, it's entirely possible to have a "-sudo" parameter
to a command (which would be "-s -u -d -o" to many programs), so
that's another way to get a false positive.
ChrisA
Yeah, there is no foolproof way to do this short of implementing a parser
that acts exactly as the shell itself would when parsing the command line.
The more I think about this, the more I think I am just going to look for the
string 'sudo' anywhere in the argument. This merely will force the user to
enter their sudo password if detected. If it turns out to be a false positive,
no harm will be done and the password will just go unused.
Thanks for the feedback.
----------------------------------------------------------------------------
Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/
--
https://mail.python.org/mailman/listinfo/python-list
