From: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Date: Tue, 7 May 2024 08:47:46 +0000 (+0200) Subject: [3.10] gh-114539: Clarify implicit launching of shells by subprocess (GH-117996)... X-Git-Tag: v3.10.15~20 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9b33629f96a73f4da6ee070056b0aabea95ee034;p=thirdparty%2FPython%2Fcpython.git [3.10] gh-114539: Clarify implicit launching of shells by subprocess (GH-117996) (GH-118004) (cherry picked from commit a4b44d39cd6941cc03590fee7538776728bdfd0a) Co-authored-by: Steve Dower --- diff --git a/Doc/library/subprocess.rst b/Doc/library/subprocess.rst index fc66663546b9..7eb9f3042405 100644 --- a/Doc/library/subprocess.rst +++ b/Doc/library/subprocess.rst @@ -741,8 +741,8 @@ Exceptions defined in this module all inherit from :exc:`SubprocessError`. Security Considerations ----------------------- -Unlike some other popen functions, this implementation will never -implicitly call a system shell. This means that all characters, +Unlike some other popen functions, this library will not +implicitly choose to call a system shell. This means that all characters, including shell metacharacters, can safely be passed to child processes. If the shell is invoked explicitly, via ``shell=True``, it is the application's responsibility to ensure that all whitespace and metacharacters are @@ -751,6 +751,14 @@ quoted appropriately to avoid vulnerabilities. On :ref:`some platforms `, it is possible to use :func:`shlex.quote` for this escaping. +On Windows, batch files (:file:`*.bat` or :file:`*.cmd`) may be launched by the +operating system in a system shell regardless of the arguments passed to this +library. This could result in arguments being parsed according to shell rules, +but without any escaping added by Python. If you are intentionally launching a +batch file with arguments from untrusted sources, consider passing +``shell=True`` to allow Python to escape special characters. See :gh:`114539` +for additional discussion. + Popen Objects -------------