Subprocess
>>> import subprocess
>>> subprocess.call([‘ps’, ‘aux’])
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.4 0.1 2296 1516 ? Ss 11:40 0:00 init [2]
root 2 0.0 0.0 0 0 ? S 11:40 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S 11:40 0:00 [ksoftirqd/0]
root 4 0.0 0.0 0 0 ? S 11:40 0:00 [kworker/0:0]
root 5 0.0 0.0 0 0 ? S< 11:40 0:00 [kworker/0:0H]
root 6 0.0 0.0 0 0 ? S 11:40 0:00 [kworker/u2:0]
root 7 0.1 0.0 0 0 ? S 11:40 0:00 [rcu_sched]
root 8 0.0 0.0 0 0 ? S 11:40 0:00 [rcu_bh]
root 9 0.0 0.0 0 0 ? S 11:40 0:00 [migration/0]
root 10 0.0 0.0 0 0 ? S 11:40 0:00 [watchdog/0]
root 11 0.0 0.0 0 0 ? S< 11:40 0:00 [khelper]
root 12 0.0 0.0 0 0 ? S 11:40 0:00 [kdevtmpfs]
root 13 0.0 0.0 0 0 ? S< 11:40 0:00 [netns]
root 14 0.0 0.0 0 0 ? S< 11:40 0:00 [perf]
root 15 0.0 0.0 0 0 ? S 11:40 0:00 [khungtaskd]
root 16 0.0 0.0 0 0 ? S< 11:40 0:00 [writeback]
root 17 0.0 0.0 0 0 ? SN 11:40 0:00 [ksmd]
root 18 0.0 0.0 0 0 ? SN 11:40 0:00 [khugepaged]
root 19 0.0 0.0 0 0 ? S< 11:40 0:00 [crypto]
root 20 0.0 0.0 0 0 ? S< 11:40 0:00 [kintegrityd]
root 21 0.0 0.0 0 0 ? S< 11:40 0:00 [bioset]
root 22 0.0 0.0 0 0 ? S< 11:40 0:00 [kblockd]
root 23 3.2 0.0 0 0 ? S 11:40 0:04 [kworker/0:1]
root 24 0.0 0.0 0 0 ? S< 11:40 0:00 [devfreq_wq]
root 25 0.0 0.0 0 0 ? S 11:40 0:00 [kswapd0]
root 26 0.0 0.0 0 0 ? S 11:40 0:00 [fsnotify_mark]
root 33 0.0 0.0 0 0 ? S< 11:40 0:00 [kthrotld]
root 34 0.0 0.0 0 0 ? S< 11:40 0:00 [ipv6_addrconf]
root 35 0.0 0.0 0 0 ? S< 11:40 0:00 [deferwq]
root 36 0.0 0.0 0 0 ? S 11:40 0:00 [kworker/u2:1]
root 104 0.0 0.0 0 0 ? S< 11:40 0:00 [ata_sff]
root 136 0.0 0.0 0 0 ? S 11:40 0:00 [scsi_eh_0]
root 137 0.0 0.0 0 0 ? S< 11:40 0:00 [scsi_tmf_0]
root 138 0.0 0.0 0 0 ? S 11:40 0:00 [scsi_eh_1]
root 139 0.0 0.0 0 0 ? S 11:40 0:00 [kworker/u2:2]
root 140 0.0 0.0 0 0 ? S< 11:40 0:00 [scsi_tmf_1]
root 141 0.0 0.0 0 0 ? S 11:40 0:00 [scsi_eh_2]
root 142 0.0 0.0 0 0 ? S< 11:40 0:00 [scsi_tmf_2]
root 143 0.0 0.0 0 0 ? S 11:40 0:00 [kworker/u2:3]
root 144 0.0 0.0 0 0 ? S 11:40 0:00 [kworker/u2:4]
root 145 0.3 0.0 0 0 ? S 11:40 0:00 [kworker/0:2]
root 148 0.2 0.0 0 0 ? S 11:40 0:00 [kworker/0:3]
root 151 0.1 0.0 0 0 ? S< 11:40 0:00 [kworker/0:1H]
root 212 0.0 0.0 0 0 ? S< 11:40 0:00 [kdmflush]
root 213 0.0 0.0 0 0 ? S< 11:40 0:00 [bioset]
root 214 0.0 0.0 0 0 ? S< 11:40 0:00 [kcryptd_io]
root 215 0.0 0.0 0 0 ? S< 11:40 0:00 [kcryptd]
root 216 0.0 0.0 0 0 ? S< 11:40 0:00 [bioset]
root 223 0.0 0.0 0 0 ? S< 11:40 0:00 [kdmflush]
root 224 0.0 0.0 0 0 ? S< 11:40 0:00 [bioset]
root 226 0.0 0.0 0 0 ? S< 11:40 0:00 [kdmflush]
root 227 0.0 0.0 0 0 ? S< 11:40 0:00 [bioset]
root 247 0.0 0.0 0 0 ? S 11:40 0:00 [jbd2/dm-1-8]
root 248 0.0 0.0 0 0 ? S< 11:40 0:00 [ext4-rsv-conver]
root 393 0.0 0.2 2932 2564 ? Ss 11:40 0:00 udevd --daemon
root 530 0.0 0.2 2928 2332 ? S 11:40 0:00 udevd --daemon
root 531 0.0 0.2 2928 2332 ? S 11:40 0:00 udevd --daemon
root 546 0.0 0.0 0 0 ? S< 11:40 0:00 [kpsmoused]
root 568 0.9 0.0 0 0 ? S 11:40 0:01 [kworker/0:4]
root 1617 0.0 0.0 0 0 ? S< 11:40 0:00 [ext4-rsv-conver]
root 2263 0.0 0.2 27956 2612 ? Sl 11:40 0:00 /usr/sbin/rsyslogd -c5
root 2318 0.0 0.2 5196 2676 ? Ss 11:40 0:00 dhclient -v -pf /run/dhclient.eth0.pid -lf /var
102 2389 0.2 0.2 3704 2688 ? Ss 11:40 0:00 /usr/bin/dbus-daemon --system
root 2414 0.0 0.8 18840 8520 ? Ssl 11:40 0:00 /usr/sbin/NetworkManager
root 2446 0.0 0.5 18076 5184 ? Sl 11:40 0:00 /usr/sbin/gdm3
root 2465 0.1 0.6 24008 6264 ? Sl 11:40 0:00 /usr/lib/policykit-1/polkitd --no-debug
root 2466 0.0 0.6 20404 6972 ? Sl 11:40 0:00 /usr/lib/gdm3/gdm-simple-slave --display-id /or
root 2474 2.7 3.8 185940 39392 tty7 Ss+ 11:40 0:03 /usr/bin/Xorg :0 -br -verbose -novtswitch -auth
arpwatch 2480 0.0 0.4 6136 4484 ? S 11:40 0:00 /usr/sbin/arpwatch -u arpwatch -N -p
root 2490 0.0 0.4 6904 4776 ? S 11:40 0:00 /usr/sbin/modem-manager
daemon 2492 0.0 0.0 2168 124 ? Ss 11:40 0:00 /usr/sbin/atd
root 2556 0.0 0.1 3788 1976 ? Ss 11:40 0:00 /usr/sbin/cron
root 2614 0.0 0.1 10512 1756 ? Sl 11:40 0:00 /usr/sbin/pcscd
root 2650 0.0 0.5 23112 5288 ? Sl 11:40 0:00 /usr/lib/accountsservice/accounts-daemon
root 2654 0.0 0.5 27008 5320 ? Sl 11:40 0:00 /usr/sbin/console-kit-daemon --no-daemon
postgres 2656 0.9 1.0 45160 11308 ? S 11:40 0:01 /usr/lib/postgresql/9.1/bin/postgres -D /var/li
root 2741 0.0 0.6 34668 6244 ? Sl 11:40 0:00 /usr/lib/upower/upowerd
postgres 2847 0.0 0.3 45160 3572 ? Ss 11:40 0:00 postgres: writer process
postgres 2848 0.0 0.3 45160 3572 ? Ss 11:40 0:00 postgres: wal writer process
postgres 2849 0.0 0.5 45724 5336 ? Ss 11:40 0:00 postgres: autovacuum launcher process
postgres 2850 0.0 0.3 15532 3728 ? Ss 11:40 0:00 postgres: stats collector process
rtkit 2861 0.0 0.2 19004 2184 ? SNl 11:40 0:00 /usr/lib/rtkit/rtkit-daemon
root 2950 0.0 0.1 2296 1696 tty1 Ss+ 11:41 0:00 /sbin/getty 38400 tty1
root 2951 0.0 0.1 2296 1712 tty2 Ss+ 11:41 0:00 /sbin/getty 38400 tty2
root 2952 0.0 0.1 2296 1712 tty3 Ss+ 11:41 0:00 /sbin/getty 38400 tty3
root 2953 0.0 0.1 2296 1852 tty4 Ss+ 11:41 0:00 /sbin/getty 38400 tty4
root 2954 0.0 0.1 2296 1848 tty5 Ss+ 11:41 0:00 /sbin/getty 38400 tty5
root 2955 0.0 0.1 2296 1632 tty6 Ss+ 11:41 0:00 /sbin/getty 38400 tty6
root 2957 0.0 0.6 26828 6660 ? Sl 11:41 0:00 gdm-session-worker [pam/gdm3]
root 2964 0.0 0.6 59868 6332 ? Sl 11:41 0:00 /usr/bin/gnome-keyring-daemon --daemonize --log
root 2966 0.0 0.0 0 0 ? S 11:41 0:00 [kauditd]
root 2982 0.1 1.5 48996 15848 ? Ssl 11:41 0:00 x-session-manager
root 3027 0.0 0.1 3532 1756 ? S 11:41 0:00 dbus-launch --autolaunch=511a1c0ee95e1cfc823071
root 3028 0.0 0.1 3032 1964 ? Ss 11:41 0:00 /usr/bin/dbus-daemon --fork --print-pid 5 --pri
root 3031 0.0 0.4 30352 4572 ? Sl 11:41 0:00 /usr/lib/dconf/dconf-service
root 3043 0.0 0.0 3884 216 ? Ss 11:41 0:00 /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-
root 3046 0.0 0.1 3532 1752 ? S 11:41 0:00 /usr/bin/dbus-launch --exit-with-session x-sess
root 3047 0.1 0.2 3540 2564 ? Ss 11:41 0:00 /usr/bin/dbus-daemon --fork --print-pid 5 --pri
root 3053 1.0 2.5 154344 26224 ? Sl 11:41 0:00 /usr/lib/gnome-settings-daemon/gnome-settings-d
root 3061 0.0 0.4 8568 4920 ? S 11:41 0:00 /usr/lib/gvfs/gvfsd
root 3070 0.0 0.6 9336 6436 ? S 11:41 0:00 /usr/lib/gvfs/gvfs-gdu-volume-monitor
root 3072 0.0 0.5 14828 5460 ? Sl 11:41 0:00 /usr/lib/udisks/udisks-daemon
root 3073 0.0 0.0 6368 260 ? S 11:41 0:00 udisks-daemon: polling /dev/sr0
root 3076 0.0 0.4 8616 5008 ? S 11:41 0:00 /usr/lib/gvfs/gvfs-gphoto2-volume-monitor
root 3078 0.0 0.3 19084 3392 ? Sl 11:41 0:00 /usr/lib/gvfs/gvfs-afc-volume-monitor
colord 3082 0.0 0.6 24600 6664 ? Sl 11:41 0:00 /usr/lib/i386-linux-gnu/colord/colord
root 3083 0.0 0.8 55748 8736 ? Sl 11:41 0:00 /usr/lib/packagekit/packagekitd
root 3084 0.2 1.5 38876 16384 ? Sl 11:41 0:00 /usr/bin/metacity
root 3086 0.0 0.7 46284 8200 ? Sl 11:41 0:00 /usr/lib/gnome-settings-daemon/gsd-printer
root 3089 2.0 3.3 88156 34888 ? Sl 11:41 0:01 gnome-panel
root 3105 0.0 0.4 8340 4892 ? S 11:41 0:00 /usr/lib/i386-linux-gnu/gconf/gconfd-2
colord 3111 0.3 1.2 42412 13256 ? Sl 11:41 0:00 /usr/lib/i386-linux-gnu/colord/colord-sane
root 3114 0.0 0.4 30352 4672 ? Sl 11:41 0:00 /usr/lib/dconf/dconf-service
root 3120 0.2 1.1 63912 11420 ? Sl 11:41 0:00 /usr/lib/tracker/tracker-store
root 3121 0.4 2.2 47316 23228 ? Sl 11:41 0:00 nm-applet
root 3122 0.0 1.4 31384 14700 ? Sl 11:41 0:00 /usr/lib/policykit-1-gnome/polkit-gnome-authent
root 3123 0.2 2.0 103128 21616 ? Sl 11:41 0:00 gnome-sound-applet
root 3127 0.0 1.4 56096 14972 ? Sl 11:41 0:00 /usr/lib/gnome-settings-daemon/gnome-fallback-m
root 3132 0.2 1.7 41972 17724 ? Sl 11:41 0:00 bluetooth-applet
root 3133 0.0 1.4 40136 15288 ? Sl 11:41 0:00 gnome-screensaver
root 3139 1.7 3.0 95292 31280 ? Sl 11:41 0:01 nautilus -n
root 3144 0.0 1.3 39588 14396 ? Sl 11:41 0:00 /usr/lib/notification-daemon/notification-daemo
root 3145 0.1 1.4 24864 15396 ? S 11:41 0:00 /usr/lib/gnome-disk-utility/gdu-notification-da
root 3148 0.2 1.1 41140 11780 ? SNl 11:41 0:00 /usr/lib/tracker/tracker-miner-fs
root 3154 0.2 0.8 97376 8560 ? S<l 11:41 0:00 /usr/bin/pulseaudio --start
root 3169 0.0 0.5 9088 6112 ? S 11:41 0:00 /usr/lib/gvfs/gvfsd-trash --spawner :1.4 /org/g
root 3171 0.0 0.5 8568 5272 ? S 11:41 0:00 /usr/lib/gvfs/gvfsd-burn --spawner :1.4 /org/gt
root 3179 0.0 0.5 8264 5856 ? S 11:41 0:00 /usr/lib/gvfs/gvfsd-metadata
root 3188 0.0 0.9 37036 9644 ? Sl 11:41 0:00 /usr/lib/telepathy/mission-control-5
root 3193 0.1 1.5 92024 15824 ? Sl 11:41 0:00 /usr/lib/gnome-online-accounts/goa-daemon
root 3201 2.7 2.2 62148 23528 ? Sl 11:41 0:00 gnome-terminal
root 3209 0.0 0.1 2096 1648 ? S 11:41 0:00 gnome-pty-helper
root 3210 0.4 0.4 6148 4680 pts/0 Ss 11:41 0:00 bash
root 3255 0.0 0.5 7288 5912 pts/0 S+ 11:42 0:00 python
root 3257 0.0 0.2 4296 2220 pts/0 R+ 11:42 0:00 ps aux
0>>>
>>> subprocess.call([‘ls’, ‘-al’])
total 1772
drwxrwxr-x 19 root root 4096 Jul 26 11:41 .
drwxr-xr-x 23 root root 4096 Jun 4 23:43 ..
-rw------- 1 root root 3827 Jul 19 16:19 .bash_history
-rw-rw-r-- 1 root root 3391 Mar 3 18:35 .bashrc
drwx------ 8 root root 4096 Jul 26 11:41 .cache
drwx------ 11 root root 4096 Jul 20 21:18 .config
drwxr-xr-x 6 root root 4096 Jun 30 00:46 .cpan
drwx------ 3 root root 4096 Jun 5 00:04 .dbus
drwxr-xr-x 5 root root 4096 Jul 26 11:43 Desktop
drwx------ 2 root root 4096 Jul 2 01:11 Downloads
drwx------ 3 root root 4096 Jul 26 11:41 .gconf
drwx------ 4 root root 4096 Jun 5 00:04 .gnome2
drwxr-xr-x 2 root root 4096 Jun 20 01:11 .gstreamer-0.10
drwx------ 2 root root 4096 Jun 5 00:04 .gvfs
-rw------- 1 root root 18900 Jul 26 11:41 .ICEauthority
drwxr-xr-x 3 root root 4096 Jun 5 00:04 .local
drwx------ 3 root root 4096 Jun 5 00:04 .mission-control
drwx------ 4 root root 4096 Jun 12 16:02 .mozilla
drwxr-xr-x 8 root root 4096 Jul 14 08:14 .msf4
-rw-r--r-- 1 root root 1667584 Jun 30 2011 ncat.exe
-rw-r--r-- 1 root root 140 Feb 5 21:16 .profile
drwx------ 2 root root 4096 Jul 26 11:41 .pulse
-rw------- 1 root root 256 Jun 5 00:04 .pulse-cookie
-rw------- 1 root root 1024 Mar 13 02:20 .rnd
drwxr-xr-x 3 root root 4096 Jul 17 17:48 .set
drwx------ 4 root root 4096 Jul 16 00:11 .thumbnails
-rw------- 1 root root 847 Jul 12 20:59 .viminfo
-rw------- 1 root root 3814 Jul 26 11:51 .xsession-errors
-rw------- 1 root root 8195 Jul 22 23:56 .xsession-errors.old
0>>>
>>> subprocess.check_output([‘ls’, ‘-al’])
'total 1772\ndrwxrwxr-x 19 root root 4096 Jul 26 11:41 .\ndrwxr-xr-x 23 root root 4096 Jun 4 23:43 ..\n-rw------- 1 root root 3827 Jul 19 16:19 .bash_history\n-rw-rw-r-- 1 root root 3391 Mar 3 18:35 .bashrc\ndrwx------ 8 root root 4096 Jul 26 11:41 .cache\ndrwx------ 11 root root 4096 Jul 20 21:18 .config\ndrwxr-xr-x 6 root root 4096 Jun 30 00:46 .cpan\ndrwx------ 3 root root 4096 Jun 5 00:04 .dbus\ndrwxr-xr-x 5 root root 4096 Jul 26 11:43 Desktop\ndrwx------ 2 root root 4096 Jul 2 01:11 Downloads\ndrwx------ 3 root root 4096 Jul 26 11:41 .gconf\ndrwx------ 4 root root 4096 Jun 5 00:04 .gnome2\ndrwxr-xr-x 2 root root 4096 Jun 20 01:11 .gstreamer-0.10\ndrwx------ 2 root root 4096 Jun 5 00:04 .gvfs\n-rw------- 1 root root 18900 Jul 26 11:41 .ICEauthority\ndrwxr-xr-x 3 root root 4096 Jun 5 00:04 .local\ndrwx------ 3 root root 4096 Jun 5 00:04 .mission-control\ndrwx------ 4 root root 4096 Jun 12 16:02 .mozilla\ndrwxr-xr-x 8 root root 4096 Jul 14 08:14 .msf4\n-rw-r--r-- 1 root root 1667584 Jun 30 2011 ncat.exe\n-rw-r--r-- 1 root root 140 Feb 5 21:16 .profile\ndrwx------ 2 root root 4096 Jul 26 11:41 .pulse\n-rw------- 1 root root 256 Jun 5 00:04 .pulse-cookie\n-rw------- 1 root root 1024 Mar 13 02:20 .rnd\ndrwxr-xr-x 3 root root 4096 Jul 17 17:48 .set\ndrwx------ 4 root root 4096 Jul 16 00:11 .thumbnails\n-rw------- 1 root root 847 Jul 12 20:59 .viminfo\n-rw------- 1 root root 4008 Jul 26 11:57 .xsession-errors\n-rw------- 1 root root 8195 Jul 22 23:56 .xsession-errors.old\n'
>>>
>>> lines = subprocess.check_output([‘ls’, ‘-al’])
>>> lines[0]
‘t’
>>> lines[1]
‘o’
>>> lines = subprocess.check_output([‘ls’])
>>> lines
‘Desktop\nDownloads\nncat.exe\n’
>>> lines[0]
‘D’
>>> lines_list = lines.split(‘\n’)
>>> lines_list
[‘Desktop’, ‘Downloads’, ‘ncat.exe’, ‘’]
>>>
>>> handle = subprocess.Popen(“ls”, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True)
>>> handle.stdoit.read()
‘Desktop\nDownloads\nncat.exe\n’
-----------------------------------------------------------------------------------------------------------
· Why is shell = True a security issue?








