The Bourne shell is definitely less work unless you want your code to correctly or reliably handle user input. Then it's more work.
Not in my experience. Any concrete examples off the top of your head, where it's more work than setting up pipes in python manually?
Fill in the blank to run a docker container which opens the file with user-provided path in (say) vim.
docker run --rm -it ...?
Now run a container doing the exact same thing ("docker-in-docker").
docker run --rm -it -v $DOCKER_HOST:/var/run/docker.sock ...?
> Fill in the blank to run a docker container which opens the file with user-provided path in (say) vim.
Never used docker before, but this seems to work:
docker run --rm -it debian bash -c 'vim -- "$1"' _ "$user_provided_path"Looks relatively safe to me, though it doesn't seem to work because debian:latest doesn't have vim in it (so I'm skeptical of your implicit claim of having tried it), and, if $user_provided_path is empty, it defaults to browsing the filesystem. But there are a lot of characters there that are specifically there to avoid footguns; without them, it would seem to work, but it would fail when $user_provided_path contained special characters.
The version I tested was
docker run --rm -it debian bash -c 'apt update; apt install -y vim; vim -- "$1"' _ "$user_provided_path"> your implicit claim of having tried it
I tried printing positional parameters, they looked fine. (And already uninstalled docker. What's the point of containerization if you need superuser privileges to use it?)
> if $user_provided_path is empty, it defaults to browsing the filesystem
That's what
vim -- ""
> But there are a lot of characters there that are specifically there to avoid footguns
What are those characters? --? That's not a lot