Subject: Re: gets()
To: None <current-users@sun-lamp.cs.berkeley.edu, thorpej@cs.orst.edu>
From: Chris G. Demetriou <cgd@postgres.Berkeley.EDU>
List: current-users
Date: 03/10/1994 13:31:27
re: the gets() warning:
It *SHOULD NOT* be removed. any program which uses gets() has a potential
bug (and, if it's a set-id program, a potential security hole).
Good alternatives to gets() have been around for a long time, and its
insecure naturs has been known for a long time, too.
The only reason it's used anymore is programmer cluelessness and/or laziness.
cgd
------------------------------------------------------------------------------