Looks like we should move away from shell=True ASAP.
https://docs.python.org/2/library/subprocess.html#frequently-used-arguments
"Warning
Executing shell commands that incorporate unsanitized input from an untrusted source makes a program vulnerable to shell injection, a serious security flaw which can result in arbitrary command execution. For this reason, the use of shell=True is strongly discouraged in cases where the command string is constructed from external input [...]"
Looks like we should move away from shell=True ASAP.
https:/ /docs.python. org/2/library/ subprocess. html#frequently -used-arguments
"Warning
Executing shell commands that incorporate unsanitized input from an untrusted source makes a program vulnerable to shell injection, a serious security flaw which can result in arbitrary command execution. For this reason, the use of shell=True is strongly discouraged in cases where the command string is constructed from external input [...]"