#14653 closed (fixed)
GeoDjango utils shouldn't include a Popen shortcut
| Reported by: | Paul McMillan | Owned by: | nobody |
|---|---|---|---|
| Component: | GIS | Version: | 1.2 |
| Severity: | Keywords: | ||
| Cc: | Triage Stage: | Accepted | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
contrib.gis.db.backends.util includes getstatusoutput(cmd), which executes a command using Popen and returns the result.
This function doesn't seem to be in use anywhere within the GIS code. Including shortcuts like this without good reason encourages dangerous behavior. I propose that we remove this now, or mark it with a DeprecationWarning and remove it in 1.4. It is undocumented, and presents a potential security hole for unwary users.
Change History (4)
comment:1 by , 14 years ago
| Triage Stage: | Unreviewed → Accepted |
|---|
comment:2 by , 14 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
comment:3 by , 14 years ago
Note:
See TracTickets
for help on using tickets.
Since it is not documented, we should just remove it.