Not only filenames, ... anything in the path like the name of a usb-stick could get a shell command.
So please to not use "shell=True" , it makes the "subprocess.Popen" command as insecure as the "os.popen" commands are.
Not only filenames, ... anything in the path like the name of a usb-stick could get a shell command.
So please to not use "shell=True" , it makes the "subprocess.Popen" command as insecure as the "os.popen" commands are.