| Deutsch English Français Italiano |
|
<mailman.16.1725045529.2917.python-list@python.org> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!3.eu.feeder.erje.net!feeder.erje.net!fu-berlin.de!uni-berlin.de!not-for-mail From: Simon Connah <simon.n.connah@protonmail.com> Newsgroups: comp.lang.python Subject: Sanitise user input for a script Date: Fri, 30 Aug 2024 19:18:29 +0000 Lines: 42 Message-ID: <mailman.16.1725045529.2917.python-list@python.org> References: <Y_Bag-4OjGfIUUu5xJIzjMhKnizgNZcYAf05yMBQT7n_j-eeooAwDo2e1yVK1FWLbhUeQLmRZ82ywJcyqs13yuDBuejH_fHBxwNHDBRm_1A=@protonmail.com> Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha512; boundary="------3799dd36afc264420b5b72f92c3d78da556b04024bc702f9c72563836027c757"; charset=utf-8 X-Trace: news.uni-berlin.de BMxs4DcqBWYM8tRJKrLrGgRwtJvfdGW/9N+10UcPmEtQ== Cancel-Lock: sha1:rd7rc2q0m4bExBdx3hVDfpXvBrQ= sha256:iJx4FY7jPTGUkumak3fvM1DYte6sdUbDp1RJ4vmQg3Y= Return-Path: <simon.n.connah@protonmail.com> X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org Authentication-Results: mail.python.org; dkim=pass reason="2048-bit key; unprotected key" header.d=protonmail.com header.i=@protonmail.com header.b=CvSek3zY; dkim-adsp=pass; dkim-atps=neutral X-Spam-Status: OK 0.034 X-Spam-Evidence: '*H*': 0.93; '*S*': 0.00; 'content- type:multipart/signed': 0.05; 'content-type:application/pgp- signature': 0.09; 'filename:fname piece:asc': 0.09; 'filename:fname piece:signature': 0.09; 'filename:fname:signature.asc': 0.09; 'subject:script': 0.09; 'content-disposition:attachment; filename="signature.asc"': 0.16; 'machine.': 0.16; 'protecting': 0.16; 'received:mail-europe.com': 0.16; 'python': 0.16; 'to:addr:python-list': 0.20; 'input': 0.21; "i'd": 0.24; 'thinking': 0.28; 'suggestions': 0.28; 'message- id:@protonmail.com': 0.32; 'but': 0.32; "i'm": 0.33; 'subject:for': 0.33; 'script': 0.33; 'someone': 0.34; 'using': 0.37; 'way': 0.38; 'could': 0.38; 'best': 0.61; 'let': 0.66; 'content-type:multipart/mixed': 0.68; 'know.': 0.68; 'malicious': 0.69; 'protection': 0.70; 'offer': 0.71; 'header:Received:2': 0.84; 'itself.': 0.84; 'received:188.165': 0.84 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1725045514; x=1725304714; bh=iyhsnYOMEyTDBDK2UjufH4hQnb0xFyGbBIOBvJiqo/c=; h=Date:To:From:Subject:Message-ID:Feedback-ID:From:To:Cc:Date: Subject:Reply-To:Feedback-ID:Message-ID:BIMI-Selector; b=CvSek3zYliuKmz+wmA27rpeBQNGKFBmoKr0iOhV6Hf7X3cMfAffTEjWx4ItSkHJ54 Zd5B8myH7ndbYnV3Y8YTp8P9YQOYHegzRr+QV8CGcqyc2O+PUonsd9m4Zk+KcOhCqc YaP8g3wS6RSthXFzxNx0W6G+4Gd7V4GJxOp+DlkyPdaopqoL9d2jOm+N7jx3pHU0lm ucXlwQDHnHRS6o9l3aBrgAUagNykAZTQ1zAJSjVt7zrW/v7s03hPLu9Q+T6w/cgC4f Z8O8KAIieFU3zzAA1U7WOtg60OGziRBW5DeanT2w7Y5uzLMKIzBRyrVI2aat1xA83N Yx+tj2Ob7fq+A== Feedback-ID: 24074989:user:proton X-Pm-Message-ID: f0144b6fb1b06a6ac631d1da297437dab478d937 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.39 Precedence: list List-Id: General discussion list for the Python programming language <python-list.python.org> List-Unsubscribe: <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> List-Archive: <https://mail.python.org/pipermail/python-list/> List-Post: <mailto:python-list@python.org> List-Help: <mailto:python-list-request@python.org?subject=help> List-Subscribe: <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> X-Mailman-Original-Message-ID: <Y_Bag-4OjGfIUUu5xJIzjMhKnizgNZcYAf05yMBQT7n_j-eeooAwDo2e1yVK1FWLbhUeQLmRZ82ywJcyqs13yuDBuejH_fHBxwNHDBRm_1A=@protonmail.com> Bytes: 5302 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------3799dd36afc264420b5b72f92c3d78da556b04024bc702f9c72563836027c757 Content-Type: multipart/mixed;boundary=---------------------7f78155699e4b71dd1f43bbeb806ea1b -----------------------7f78155699e4b71dd1f43bbeb806ea1b Content-Transfer-Encoding: quoted-printable Content-Type: text/plain;charset=utf-8 I need to write a script that will take some user input (supplied on a web= site) and then execute a Python script on a host via SSH. I'm curious what= the best options are for protecting against malicious input in much the s= mae way as you sanitise SQL to protect against SQL injections. I could do it either on the website itself or by doing it on the host mach= ine. I'm thinking of using argparse but I'm aware it does not offer any protect= ion itself. If someone has any suggestions I'd appreciated it. If you need more inform= ation then please let me know. Simon. -----------------------7f78155699e4b71dd1f43bbeb806ea1b-- --------3799dd36afc264420b5b72f92c3d78da556b04024bc702f9c72563836027c757 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: ProtonMail wnUEARYKACcFgmbSGvkJkFrvKC74ta6lFiEEXOYF9uqFRn4815bYWu8oLvi1 rqUAAOgEAP9O7AbTQdJSny1dPyVdVs53xwfKdpwWmxRYjpNrS6Gh1QD8Cmx7 uawuYvSGsf5icNgIbAPGX1E1mWI00CnngjZQBA4= =l2NH -----END PGP SIGNATURE----- --------3799dd36afc264420b5b72f92c3d78da556b04024bc702f9c72563836027c757--