Subject: Re: vixie-crontab vulnerable?
To: None <sommerfeld@orchard.medford.ma.us>
From: Gordon W. Ross <gwr@mc.com>
List: current-users
Date: 12/16/1996 14:27:32

> Date: Mon, 16 Dec 1996 13:44:41 -0500
> From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
> 
> Hmm.  Anyone for producing a "libcsafe" which doesn't include:
> 
> 	strcat
> 	strcpy
> 	sprintf
> 	gets
> 
> and other "unsafe", but traditional, interfaces, and then linking all
> setuid system programs against it instead of libc?

You could also create a "libcsafe" that DOES include those functions,
and ONLY those, but where those functions all just call abort.  You
might also make them invoke the magic link-time warning stuff.

This library could be supplied in the library list before libc when
linking s*id programs.   (Probably a non-shared version is best.)

Gordon
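
The trap library suggested in the reply above, sketched in C as an added example that is not part of the original message or of any NetBSD code. The file name `libcsafe.c` and the helper `stub_aborts` are hypothetical, the link-time warning hook is not shown, and the fork-based self-check is included only to show each stub terminating its caller with SIGABRT.

```c
/* libcsafe.c -- added illustration, not code from the thread.
 * Trap versions of the four interfaces named above: each one aborts.
 * For real use, keep only the four stubs, build them as a static
 * archive, and list it before libc when linking set-id programs. */
#include <signal.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Same prototypes as libc, so callers resolve to these definitions. */
char *strcpy(char *dst, const char *src) { (void)dst; (void)src; abort(); }
char *strcat(char *dst, const char *src) { (void)dst; (void)src; abort(); }
int sprintf(char *dst, const char *fmt, ...) { (void)dst; (void)fmt; abort(); }
char *gets(char *dst) { (void)dst; abort(); }

/* Hypothetical self-check: call stub number `which` (0..3) in a child
 * process. Returns 1 if the child died with SIGABRT, 0 if it exited
 * normally, -1 if fork or waitpid failed. */
int stub_aborts(int which)
{
    char buf[8] = "";
    /* volatile pointers stop the compiler expanding calls as builtins */
    char *(*volatile cpy)(char *, const char *) = strcpy;
    char *(*volatile cat)(char *, const char *) = strcat;
    int (*volatile fmt)(char *, const char *, ...) = sprintf;
    char *(*volatile get)(char *) = gets;
    int status = 0;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        switch (which) {
        case 0: cpy(buf, "x"); break;
        case 1: cat(buf, "x"); break;
        case 2: fmt(buf, "x"); break;
        case 3: get(buf); break;
        }
        _exit(0); /* reached only if no stub was called */
    }
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    return WIFSIGNALED(status) && WTERMSIG(status) == SIGABRT;
}

int main(void)
{
    for (int i = 0; i < 4; i++)
        if (stub_aborts(i) != 1)
            return 1;
    return 0;
}
```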