Subject: Re: vixie-crontab vunerable?
To: None <current-users@NetBSD.ORG>
From: None <briggs@puma.macbsd.com>
List: current-users
Date: 12/16/1996 15:04:28
[I assume everyone is on current-users...]

> > Hmm.  Anyone for producing a "libcsafe" which doesn't include:
> > [...]
> > and other "unsafe", but traditional, interfaces, and then linking all
> > setuid system programs against it instead of libc?
> 
> While I dunno about this, I do think that at the very least adding
> reference-warning macros for those functions might be appropriate.

That might be a good idea, (although a lot of systems don't have
snprintf() and I'd probably get real tired of seeing the warning
for ported software--then again, I'd probably want to see that they
use unsafe functions).

I'm not sure I like the idea of a libcsafe that just disables those
functions since it's easy to misuse the "safe" routines, too, and
at least with that name, you're implying a sense of safety that might
be completely false in the face of even stupid typos...

	char foo[80];

	snprintf(foo, 800, "...

-allen

-- 
              Allen Briggs - end killing - briggs@macbsd.com
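
An added example, not part of the original message: one way to remove the mistyped-size failure shown above is to take the size from the array itself and treat truncation as an error. The names `fmt_checked`, `FMT_ARRAY` and the demo functions are hypothetical, and the inputs are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from the thread): format into dst, which holds
 * dstsize bytes. Returns 0 if the whole string fit, -1 on an encoding
 * error or truncation. dst is always NUL-terminated when dstsize > 0. */
static int fmt_checked(char *dst, size_t dstsize, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (dstsize == 0)
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(dst, dstsize, fmt, ap);
    va_end(ap);
    if (n < 0)
        dst[0] = '\0';  /* encoding error: leave an empty string */
    return (n < 0 || (size_t)n >= dstsize) ? -1 : 0;
}

/* Take the size from the array itself, so there is no second number to
 * mistype. buf must be a real array: for a pointer, sizeof gives the
 * pointer size, not the buffer size. */
#define FMT_ARRAY(buf, ...) fmt_checked((buf), sizeof(buf), __VA_ARGS__)

/* Constructed demo: short input fits in the 80-byte buffer. */
static int demo_fits(void)
{
    char foo[80];
    return FMT_ARRAY(foo, "user=%s", "allen");
}

/* Constructed demo: 200 bytes of input are cut to 79 plus the NUL, and the
 * truncation is reported. Returns the stored length, or -1 if not flagged. */
static int demo_truncated(void)
{
    char foo[80], big[201];
    memset(big, 'A', 200);
    big[200] = '\0';
    if (FMT_ARRAY(foo, "%s", big) != -1)
        return -1;
    return (int)strlen(foo);
}

int main(void)
{
    printf("fits: %d, truncated len: %d\n", demo_fits(), demo_truncated());
    return 0;
}
```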