Subject: Re: gets()
To: Chris G. Demetriou <cgd@postgres.berkeley.edu>
From: J.T. Conklin <conklin@ngai.kaleida.com>
List: current-users
Date: 03/10/1994 15:23:34

Chris> re: the gets() warning:
Chris>
Chris> It *SHOULD NOT* be removed.  any program which uses gets() has
Chris> a potential bug (and, if it's a set-id program, a potential
Chris> security hole).

I disagree.  I'd like to see NetBSD become ANSI C compliant, and the
"side effect" of gets() printing a warning message makes that
impossible.

I believe that Chris Torek once said (this was long ago) that he put
the warning message in gets() since there was no way to warn against
its usage at compile/link time.  But, as Roland and I have said in
earlier messages, with our ld it's now possible to get a link-time
warning.  This is where (I think) the warning belongs.

Chris> Good alternatives to gets() have been around for a long time,
Chris> and its insecure nature has been known for a long time, too.
Chris>
Chris> The only reason it's used anymore is programmer cluelessness
Chris> and/or laziness.

No argument here.

	--jtc

------------------------------------------------------------------------------
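The kind of bounded alternative to gets() the thread refers to, as an added example that is not part of the original message. The helper name `read_line` and its return codes are assumptions made for this sketch, and the input in `main` is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical return codes for this example. */
enum { RL_EOF = -1, RL_TOOLONG = -2 };

/* Read one line from fp into buf without ever writing past buf[size-1].
 * gets() has no size argument, so it cannot make that promise.
 * Returns the line length with the newline stripped, RL_EOF at end of
 * input, or RL_TOOLONG when the line did not fit. An overlong line is
 * drained so the next call starts on a fresh line instead of handing the
 * caller the tail of the rejected one. */
long read_line(FILE *fp, char *buf, size_t size)
{
    size_t len;
    int c;

    if (size == 0 || fgets(buf, (int)size, fp) == NULL)
        return RL_EOF;
    len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[--len] = '\0';              /* complete line: drop newline */
        return (long)len;
    }
    /* No newline stored: the text either ended exactly here or continues. */
    c = getc(fp);
    if (c == EOF || c == '\n')
        return (long)len;               /* content fit exactly */
    while (c != '\n' && c != EOF)       /* overlong: discard the remainder */
        c = getc(fp);
    return RL_TOOLONG;
}

int main(void)
{
    char buf[8];                        /* deliberately small buffer */
    long n;
    FILE *fp = tmpfile();               /* constructed sample input */

    if (fp == NULL)
        return 1;
    fputs("short\nthis line is far too long\n1234567\nend", fp);
    rewind(fp);
    while ((n = read_line(fp, buf, sizeof buf)) != RL_EOF) {
        if (n == RL_TOOLONG)
            puts("[rejected: line longer than buffer]");
        else
            printf("%ld: %s\n", n, buf);
    }
    fclose(fp);
    return 0;
}
```

Rejecting an overlong line, rather than silently splitting it across reads, is a policy choice of this sketch; a set-id program should decide that explicitly either way.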