Gabriel Ambuehl <gabriel_ambuehl-py at buz.ch> wrote: : -----BEGIN PGP SIGNED MESSAGE----- : Hello, : I wonder what is the easiest way to escape user submitted strings so I : can : safely use them in os.system() calls. Limiting the allowed chars isn't : feasible since I want them to use as safe passwords as possible and : those generally DO consist of special chars. Any good ideas how I : could solve this? Try checking into the crypt or md5 modules and try encrypting the password from within python. Someone might actually want their password to be ";rm -rf *", which is harmless to pass to crypt() but undesirable to send to os.system(). You really don't want to send user-submitted *anything* to os.system(). Trust us on this one.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4