How to use python variable in os.system? [duplicate]

by

lazy solution is to simply concatenate the word:

>>> import os
>>> word="moo"
>>> os.system('cowsay ' + word)
 _____ 
< moo >
 ----- 
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||
0

BUT you should not do this.
What if the user inputs moo; rm -rf /? guess what will happen.
Also, word="$(cat /etc/passwd)" and word="$aliases" or words with backticks will yield non-expected results.

You should use the Subprocess module, which takes care of escaping shell args and constructing the call:

>>> import subprocess
>>> subprocess.Popen(['cowsay', word])
<subprocess.Popen object at 0x7fe8c7656c18>
>>>  _____ 
< moo >
 ----- 
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||

Use .communicate() for simple invocations, as described in the docs or as in the example below.
And now you don’t have to worry about injections:

>>> word="$(cat /etc/passwd)"
>>> stdout, stderr = subprocess.Popen(
                     ['cowsay', word]).communicate()
 ____________________ 
< $(cat /etc/passwd) >
 -------------------- 
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||

More Related Contents:

  1. ChromeDriver Error: ‘chromedriver’ executable needs to be in PATH [duplicate]
  2. Actual meaning of ‘shell=True’ in subprocess
  3. What are the advantages of NumPy over regular Python lists?
  4. Does Python make a copy of objects on assignment?
  5. Convert a number range to another range, maintaining ratio
  6. How to convert integer timestamp into a datetime
  7. Add pygame module in PyCharm IDE
  8. Best way to format integer as string with leading zeros? [duplicate]
  9. How to do n-D distance and nearest neighbor calculations on numpy arrays
  10. Python Regex to find a string in double quotes within a string
  11. Difference Between Two Lists with Duplicates in Python
  12. Conda set LD_LIBRARY_PATH for env only [duplicate]
  13. How can I programmatically change the background in Mac OS X?
  14. Tools for static type checking in Python
  15. How to copy directory recursively in python and overwrite all?
  16. Fill cells with colors using openpyxl?
  17. Turtle module – Saving an image
  18. Beautifulsoup : Difference between .find() and .select()
  19. Why does the floating-point value of 4*0.1 look nice in Python 3 but 3*0.1 doesn’t?
  20. How do I set the driver’s python version in spark?
  21. How to find “import name” of any package in Python?
  22. How do I work with images in Bokeh (Python)
  23. Python console default hex display
  24. How to change the location of the pointer in python?
  25. Python consistent hash replacement
  26. Python PyQt on macOS Sierra
  27. Python module to enable ANSI colors for stdout on Windows?
  28. How to change matplotlib backends
  29. “Failed building wheel for psycopg2” – MacOSX using virtualenv and pip
  30. Any way to get one process to have a write lock and others to just read on parallel?

Leave a Comment