Skip to content

Documentation for subprocess.Popen()'s "user", "group", "extra_groups" args may need more usage info #94632

Open
@ald-extrahop

Description

@ald-extrahop

It's very easy for someone that doesn't really understand the details of how to drop privileges (e.g. me) to use the "user", "group", and "extra_groups" args to subprocess.Popen() incorrectly ... or at least not in a way that gets the results they expect. Since there are potentially many reasonable patterns for using these It might be at least worth documenting that just setting "user" isn't a replacement for running a command under su or runuser.

Metadata

Metadata

Assignees

No one assigned

    Labels

    docsDocumentation in the Doc dirtopic-subprocessSubprocess issues.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions