Subject: Re: vixie-crontab vulnerable?
To: None <current-users@NetBSD.ORG>
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
List: current-users
Date: 12/16/1996 20:16:02


>>>>> "Perry" == Perry E Metzger <perry@piermont.com> writes:
    Perry> I think, however, that any SUID or daemon program that is
    Perry> not performance critical should probably have all the
    Perry> string manipulators converted over. I can't think of many
    Perry> that are performance critical -- so this means most of
    Perry> them.

  Let's not forget this; we are talking about putting together a
libcsafe.
  I'd say build it and remove all the "unsafe" functions so we get
link errors.
  What we need is for someone to
	1. make bsd.suidprog.mk
	2. build the libcsafe
  and then we just need to generate a list of programs that
are affected (remember, this includes root-run daemons that accept
input, e.g. telnetd, rlogind, rshd, inetd, etc). A group of people can
then go through these programs and make sure that they link.

  My opinion is that disk space is cheap, and I'm willing to have all
setuid programs and common root-run daemons statically linked. X is
the one exception.
   
  I would be happy to do #1 and #2, and collect the list of things
that people think should be removed from libcsafe along with the list
of programs affected.

   :!mcr!:            |  Network security consulting and 
   Michael Richardson |      contract programming
 WWW: mcr@sandelman.ottawa.on.ca. PGP key available.
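
One way to generate the list of affected programs that the message asks for, as an added example that is not part of the original message or of NetBSD. The function list in `UNSAFE` and the helper names `unsafe_imports` and `audit_suid` are assumptions; the thread does not enumerate the functions.

```shell
#!/bin/sh
# Added example, not from the thread. UNSAFE is an assumed list of unbounded
# string functions; the message does not say which ones libcsafe would drop.
UNSAFE='gets strcpy strcat sprintf vsprintf'

# unsafe_imports: read nm output on stdin and print, sorted and unique, every
# undefined symbol that appears in $UNSAFE.
# Accepts GNU style lines ("  U strcpy@GLIBC_2.2.5") and bare names ("_strcpy").
unsafe_imports() {
    awk -v list="$UNSAFE" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) bad[a[i]] = 1 }
        NF > 1 && $(NF-1) != "U" { next }   # typed listing: keep undefined only
        {
            sym = $NF
            sub(/@.*/, "", sym)             # drop ELF symbol version suffix
            sub(/^_/, "", sym)              # drop a.out leading underscore
            if (sym in bad) print sym
        }
    ' | sort -u
}

# audit_suid DIR...: report each setuid or setgid file under DIR that imports
# a function from $UNSAFE. Statically linked files have no undefined symbols
# and produce no report.
audit_suid() {
    find "$@" -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r f; do
        hits=$( { nm -D -u "$f" 2>/dev/null || nm -u "$f" 2>/dev/null; } |
                unsafe_imports | tr '\n' ' ')
        if [ -n "$hits" ]; then
            printf '%s: %s\n' "$f" "$hits"
        fi
    done
}

# Run as: sh audit.sh /usr/bin /usr/sbin
if [ "$#" -gt 0 ]; then
    audit_suid "$@"
fi
```

Root-run daemons that are not setuid can be checked one at a time by piping `nm -u` output for the daemon binary into `unsafe_imports`.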


