@@ -260,8 +260,8 @@ default values. The arguments that are most commonly needed are:
260260 untrusted source makes a program vulnerable to `shell injection
261261 <http://en.wikipedia.org/wiki/Shell_injection#Shell_injection> `_,
262262 a serious security flaw which can result in arbitrary command execution.
263- For this reason, the use of * shell=True * is **strongly discouraged ** in cases
264- where the command string is constructed from external input::
263+ For this reason, the use of `` shell=True `` is **strongly discouraged **
264+ in cases where the command string is constructed from external input::
265265
266266 >>> from subprocess import call
267267 >>> filename = input("What file would you like to display?\n")
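Review bot: the reworded sentence at new lines 263-264 still tells the reader only that ``shell=True`` is strongly discouraged for command strings built from external input, and nothing in the lines shown here says what to use instead. If the text after the example does not already cover it, consider adding a sentence that recommends passing the arguments as a sequence and leaving *shell* at its default, so that a filename read with input() is never parsed by the shell. The switch from emphasis to literal markup is right and matches the ``shell=True`` literals already used in the Popen section.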
@@ -346,18 +346,18 @@ functions.
346346
347347 Popen(['/bin/sh', '-c', args[0], args[1], ...])
348348
349- .. warning ::
350-
351- Enabling this option can be a security hazard if combined with untrusted
352- input. See the warning under :ref: `frequently-used-arguments `
353- for details.
354-
355349 On Windows with ``shell=True ``, the :envvar: `COMSPEC ` environment variable
356350 specifies the default shell. The only time you need to specify
357351 ``shell=True `` on Windows is when the command you wish to execute is built
358352 into the shell (e.g. :command: `dir ` or :command: `copy `). You do not need
359353 ``shell=True `` to run a batch file or console-based executable.
360354
355+ .. warning ::
356+
357+ Passing ``shell=True `` can be a security hazard if combined with
358+ untrusted input. See the warning under :ref: `frequently-used-arguments `
359+ for details.
360+
361361 *bufsize *, if given, has the same meaning as the corresponding argument to the
362362 built-in open() function: :const: `0 ` means unbuffered, :const: `1 ` means line
363363 buffered, any other positive value means use a buffer of (approximately) that
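Review bot: the relocated warning at new lines 355-359 names the risk only as "a security hazard" and defers everything else to the frequently-used-arguments reference; naming shell injection in the warning itself would let a reader who lands on the Popen constructor see the consequence without following the link. Placing it after the Windows paragraph is an improvement, since it now covers both the /bin/sh and COMSPEC cases, but it is immediately followed by the *bufsize* paragraph, so check that the directive's indentation keeps it rendered as part of the *shell* description. The terminology also differs from the referenced section ("untrusted input" here, "untrusted source" and "external input" there); settling on one term would read more consistently.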