in reply to Safely passing CGI form data to a shell command
You will find this perlfaq item of interest: How can I call backticks without shell processing?
Update: I should add that if you bypass the shell with exec (as salva and the FAQ above suggest), then there is less concern about malicious arguments such as ";rm -rf * *.*", which is what my other reply was addressing, but I don't know enough about dict to be able to categorically say any argument passed to it this way would be safe. FWIW, my guess is that it would be, since I just can't imagine a DoS attack, for example, based on some special argument to dict.
the lowliest monk
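An added example (not from the thread above or from the perlfaq) of the technique the reply and the FAQ item point at: capturing a command's output through list-form `open` so that the shell never sees the form value, with an allowlist check in front of it since the reply notes nobody here can vouch for what `dict` does with arbitrary arguments. The `dict` command, the `$word` value and the allowed-character pattern are assumptions for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Run a command given as an argv list and return (output, exit status).
# With a list of two or more elements, Perl's pipe-open forks and calls
# execvp() directly: no /bin/sh is involved, so ';', '|', '`' and '$(...)'
# inside an argument are passed to the program as ordinary bytes.
sub run_capture {
    my @cmd = @_;
    open(my $fh, '-|', @cmd) or die "cannot run $cmd[0]: $!";
    local $/;                       # slurp the whole output
    my $out = <$fh>;
    close $fh;
    return ($out // '', $? >> 8);
}

# Constructed input standing in for a CGI form field (hypothetical value).
my $word = $ARGV[0] // 'hello; echo INJECTED';

# Defence in depth: even without a shell, only hand the program values
# shaped like a dictionary headword. Pattern is an assumption for this example.
die "rejected form value: $word\n" unless $word =~ /\A[A-Za-z][A-Za-z'-]{0,63}\z/;

# Unsafe form, for contrast only: backticks build ONE string that the shell
# parses, so a ';' in $word would start a second command.
#   my $bad = `dict $word`;

# Safe form: 'dict' receives $word as a single argv element.
my ($out, $status) = run_capture('dict', $word);
print "dict exited with status $status\n";
print $out;
```

With the constructed default value the allowlist rejects the request before anything runs; with a plain word such as `hello`, `dict` receives exactly that argument.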