by aspizu 252 days ago
I've created a library that uses t-strings to prevent shell injection that even works on Windows. It's written in Rust. https://github.com/aspizu/tshu

    $ uv run --with tshu python -m asyncio
    >>> from tshu import sh
    >>> username = "aspizu; rm -rf /"
    >>> await sh(t"echo {username}")
    aspizu; rm -rf /
1 comment

Does the library handle arguments that begin with a dash?

Does this code print out the contents of the file named `--help`, or does it print the documentation for the `cat` command?

    filename = "--help"
    await sh(t"cat {filename}")
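
The distinction raised in the comment above, as an added example that is not part of the thread and not tshu's code: passing a value as a single argv element neutralises shell metacharacters, but the receiving program still parses a leading dash as an option. `TOOL` is a constructed stand-in for a command like `cat`, and `run_tool` and `guard_path` are hypothetical helpers; nothing here describes how tshu itself behaves.

```python
import json
import subprocess
import sys

# Constructed stand-in for a CLI tool such as cat: one flag, file operands.
# It reports how it parsed its argv instead of touching any file.
TOOL = r"""
import argparse, json, sys
p = argparse.ArgumentParser(add_help=False)
p.add_argument("--help", action="store_true")
p.add_argument("files", nargs="*")
print(json.dumps(vars(p.parse_args(sys.argv[1:]))))
"""

def run_tool(*args: str) -> dict:
    """Run the stand-in tool with an argv list (no shell) and return its parse."""
    out = subprocess.run([sys.executable, "-c", TOOL, *args],
                         check=True, capture_output=True, text=True).stdout
    return json.loads(out)

def guard_path(path: str) -> str:
    """Prefix a relative path that starts with '-' so it cannot parse as an option."""
    return "./" + path if path.startswith("-") else path

def demo() -> dict:
    return {
        # Shell metacharacters are inert: the whole string is one operand.
        "metachar": run_tool("aspizu; rm -rf /"),
        # A leading dash is still interpreted by the tool itself as a flag.
        "naive": run_tool("--help"),
        # "--" ends option parsing, so the value becomes a file operand.
        "separator": run_tool("--", "--help"),
        # For tools that do not honour "--", make the path unambiguous.
        "prefixed": run_tool(guard_path("--help")),
    }

if __name__ == "__main__":
    for name, parsed in demo().items():
        print(f"{name:10} {parsed}")
```
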