Why is this Python command injection possible?

Why is this Python command injection possible in a media service. The Python code builds a shell command with user input and runs it with shell=True. In Python backends this allows attackers to execute commands.

#whatswrongwiththispythoncode #pythonbug #pythonproductionbug #pythondebugging #pythonbackend #pythoncodereview #pythonmistake #pythonbestpractices #pythonreliability #pythonincident #pythona...

https://www.youtube.com/watch?v=4Bkzc5ZVrxE

Jeden błąd w #PyPy naprawiony, i #IPython w #Gentoo jest na #PyPy 3.11.

Jeden błąd w bibliotece standardowej #Pythona naprawiony, #Django w Gentoo jest na PyPy 3.11.

Powiedziałbym, że całkiem udany dzień.

https://github.com/pypy/pypy/pull/5239
https://github.com/python/cpython/pull/130962

#Python

#TenchiMuyo #magneto #meme #ayeka #pythona #gijoe #mightyorbots #dia

#TenchiMuyo #magneto #meme #ayeka #pythona #gijoe