使用Golang安全执行命令（避免远程执行）

Generally magic functions like that are very hard to get right and often they will leave your application open to attacks if you rely heavily on them.

I would recommend that you use a smart URL/request scheme to get the commands you need to run and put some level of interpretation in between the user request and your shell execution so no parameters given by the user is used directly.

You could get request that contain ?verbose=true and translate them to -v on the command line eg. When dealing with user input like strings that need to be directly given to the command being run you need to do simple escaping with quotes (with a simple check to see if the input contain quotes) to ensure you don't run into a "Bobby Tables" problem.

An alternative way would be to have your program and the underlying command exchange data through pipes or files eg. which would reduce the likeliness of leaving command input an open attack vector.