Message 253689 - Python tracker (original) (raw)

My patch for mailcap.py. Please check and apply my patch please.

1. I have removed the os.system() calls for security reasons.

2. New "findmtach_list()" function witch returns the commandline as a [list] witch can be passed to subprocess instead of passing it to os.system().

3. New run() function to execute the cmd_list with subprocess.

4. The test() function now uses findmatch_list() and run() instead of the old findmatch() and os.system() calls.

5. The subst() function is now shorter an does a quote(filename) when its replacing %s with a filename.

6. The "old" findmatch() function is still there if the user still likes to have the commandline as a "string". Attention ! With this old findmatch() function it's still possible that a shell command in the filename like '$(ls).txt' will be executed when the users passes the string to os.system() outside the mailcap script. Use findmatch() only for backwards compatibility.

7. Use the new findmatch_list() an run() for future projects.

8. Add 1)-7) to the docs

Thank you.