12 Working with the operating system

This chapter covers

  • Enforcing filesystem-level authorization with the os module
  • Creating temp files with the tempfile module
  • Invoking external executables with the subprocess module
  • Resisting shell injection and command injection

The last few chapters dealt largely with authorization. You learned about users, groups, and permissions. I start this chapter by applying these concepts to filesystem access. Afterward, I show you how to safely invoke external executables from within Python. Along the way, you’ll learn how to identify and resist two types of injection attacks. This sets the tone for the rest of the book, which focuses exclusively on attack resistance.

12.1 Filesystem-level authorization

Like
