Skip to content

Fix TypeError when using subprocess shell=True under strict Java Secu…#419

Open
akspi wants to merge 1 commit intojython:masterfrom
akspi:fix-subprocess-shell-securitymanager
Open

Fix TypeError when using subprocess shell=True under strict Java Secu…#419
akspi wants to merge 1 commit intojython:masterfrom
akspi:fix-subprocess-shell-securitymanager

Conversation

@akspi
Copy link
Copy Markdown

@akspi akspi commented Mar 31, 2026

This change addresses the issue captured here: #418

Fixes #418

Stewori
Stewori reviewed Apr 1, 2026
View reviewed changes
Comment thread Lib/test/test_subprocess.py
if not jython:
return

import java.lang.SecurityManager as SecurityManager
Copy link
Copy Markdown
Member

@Stewori Stewori Apr 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a note: SecurityManager is deprecated for removal. Perhaps, it's premature to address this here, before it's actually removed. Once it's removed and the definitive JDK version of the removal is known, we can add a conditional skip.

jeff5
jeff5 reviewed Apr 3, 2026
View reviewed changes
Comment thread Lib/test/test_subprocess.py

class SecurityManagerTestCase(unittest.TestCase):
def test_subprocess_shell_with_security_manager(self):
if not jython:
Copy link
Copy Markdown
Member

@jeff5 jeff5 Apr 3, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A nicer way to do this is the decorator @unittest.skipIf(not jython, .... There's a @unittest.skipIf(jython somewhere in the file. It could be applied to the class.

Really appreciate you adding a test.

jeff5
jeff5 requested changes Apr 3, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@jeff5 jeff5 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like a valid bug and a sensible solution, thanks. I've only found points to criticise in the test. But thanks for adding one.

Comment thread Lib/test/test_subprocess.py

class MySecurityManager(SecurityManager):
def checkRead(self, file, context=None):
if file == "/bin/sh" or file == "cmd.exe" or file.endswith("sh"):
Copy link
Copy Markdown
Member

@jeff5 jeff5 Apr 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This needs a little more thought. Ok, it's only for the test and we're not proposing a real security manager. But it fails on my Windows machine because file contains "C:\Windows\System32\cmd.exe". And what is the intent of endswith("sh") anyway? So, probably endswith("cmd.exe").

It passes on the Windows CI because we do not enable the subprocess resource. (Seems like an omission right now.)

Fixed like that, and with checkRead printing what file it has be asked about, I find that subprocess._setup_platform() involves looking for an awful lot of files.

Comment thread Lib/test/test_subprocess.py
"-c", 1])


class SecurityManagerTestCase(unittest.TestCase):
Copy link
Copy Markdown
Member

@jeff5 jeff5 Apr 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Or on second thoughts, is this maybe happier in test_subprocess_jy.py, where everything is Jython-specific?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Stewori Stewori Stewori left review comments

@jeff5 jeff5 jeff5 requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

TypeError: unsupported operand type(s) for +: 'NoneType' and 'list' in subprocess.Popen when using shell=True under strict Java SecurityManager

3 participants

@akspi @Stewori @jeff5