[Merge] lp:~evfool/software-properties/lp1060192 into lp:software-properties
Robert Roth
evfool at gmail.com
Wed Feb 13 15:24:19 UTC 2013
Robert Roth has proposed merging lp:~evfool/software-properties/lp1060192 into lp:software-properties.
Commit message:
- Do not use Shell=True unnecessarily in subprocess.Popen (bug #1060192)
Requested reviews:
Ubuntu Core Development Team (ubuntu-core-dev)
Related bugs:
Bug #1060192 in software-properties (Ubuntu): "needless shell=True in a subprocess.Popen call"
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1060192
For more details, see:
https://code.launchpad.net/~evfool/software-properties/lp1060192/+merge/148210
As the python subprocess Popen documentation states: "the use of shell=True is strongly discouraged in cases where the command string is constructed from external input".
We construct the command to execute from mostly well-known parameters, unless the hostname of the mirror to test, which comes from /usr/share/python-apt/templates/ mirrors file, which can be (mostly) anything.
As bug #1060192 states, it does not really make a difference in this context whether we use shell=True or False, but maybe it is safer to use shell=False.
--
https://code.launchpad.net/~evfool/software-properties/lp1060192/+merge/148210
Your team Ubuntu Core Development Team is requested to review the proposed merge of lp:~evfool/software-properties/lp1060192 into lp:software-properties.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: review-diff.txt
Type: text/x-diff
Size: 846 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-reviews/attachments/20130213/fa2b134c/attachment.diff>
More information about the Ubuntu-reviews
mailing list