Subject: Re: CVS commit: basesrc/lib/libc
To: None <itojun@netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: source-changes
Date: 11/17/2002 19:19:08
[ On Sunday, November 17, 2002 at 22:49:34 (+0200), Jun-ichiro itojun Hagino wrote: ]
> Subject: CVS commit: basesrc/lib/libc
>
> (there are a bunch of "strcpy is safe" comments, I think we should change them
> to strlcpy as much as possible)

Why do you say that?  strcpy() really is perfectly fine and safe to use
in many contexts (perhaps even in the ones you refer to).  Wholesale
avoidance of the likes of strcpy() sounds like very much too much
paranoia to me (or too much reliance on overly simplistic analysis
tools).  Safe and secure programming in C is always going to require
awareness of these issues -- papering over by ripping out things that
trigger bad connotations won't help any, and may even hurt in some way
(e.g. performance, unnecessary code obfuscation, etc., etc.).

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>
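
The two copying styles debated in this thread, shown side by side as an added example; it is not part of the original message and is not NetBSD libc code. The names `dup_exact`, `copy_bounded` and `set_name` are hypothetical, and `copy_bounded` is a local stand-in with strlcpy() semantics so the block builds on systems whose libc lacks strlcpy().

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: strcpy() is safe here by construction, because
 * the destination is allocated from strlen(src) + 1 and so can never
 * be smaller than the source. */
char *dup_exact(const char *src)
{
    char *dst = malloc(strlen(src) + 1);
    if (dst != NULL)
        strcpy(dst, src);
    return dst;
}

/* Local stand-in with strlcpy() semantics (an assumption, not the libc
 * routine): copies at most size - 1 bytes, always NUL-terminates when
 * size > 0, and returns strlen(src) so the caller can detect truncation. */
size_t copy_bounded(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size > 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

/* Hypothetical caller: fixed-size destination, input of unknown length.
 * Returns 0 on success, -1 if the input did not fit. The bounded copy
 * only prevents the overflow; the truncation still has to be checked. */
int set_name(char *dst, size_t size, const char *input)
{
    if (copy_bounded(dst, input, size) >= size)
        return -1;   /* dst holds a shortened, terminated copy */
    return 0;
}
```

In both styles the safety argument rests on a length relationship the programmer has to establish: the allocation size in `dup_exact`, the return-value check in `set_name`.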