Subject: Re: CVS commit: src/sys/arch/i386
To: None <perry@piermont.com>
From: M. Warner Losh <imp@bsdimp.com>
List: source-changes
Date: 04/22/2004 09:27:28
In message: <87brlk2htj.fsf@snark.piermont.com>
            "Perry E. Metzger" <perry@piermont.com> writes:
: 
: groo@old-ones.com (Bill Squier) writes:
: > I have decided to further secure NetBSD by changing all the instances of
: > the word 'sprintf' in your log messages to 'snprintf'.
: >
: > All kidding aside, don't you feel that some of these changes are a waste of
: > your valuable time?  Many of these changes are in device drivers where the
: > lengths of these items are fixed.
: 
: I think that, in general, we should be eliminating all use of unsafe
: string ops everywhere, even when "known safe", because people do
: stupid things with time (like copying or changing code to produce
: unsafe results.) Even our smartest developers have screwed stuff like
: this up in the past.

Using the unsafe APIs in a safe way requires perfection.  I agree with
Perry here: history has shown that all developers are imperfect at
least once.

Warner
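
The point made in this thread, as an added example (not code from the NetBSD tree or from anyone in the thread): a driver-style name format that is "known safe" at its original call site stops being safe once the same line is copied to a call site with a longer name, and `snprintf` turns that into a detectable truncation instead of a write past the buffer. The buffer size, function names and driver names below are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define XNAME_LEN 16   /* constructed size for a driver-style name buffer */

/* Bytes (including the NUL) that sprintf(buf, "%s%d", drv, unit) would write. */
static size_t xname_needed(const char *drv, int unit)
{
    int n = snprintf(NULL, 0, "%s%d", drv, unit);
    return n < 0 ? 0 : (size_t)n + 1;
}

/*
 * Bounded replacement for:  sprintf(buf, "%s%d", drv, unit);
 * Returns 0 if the whole name fit, -1 if it was truncated or on error.
 * buf is always NUL-terminated when len > 0.
 */
static int xname_format(char *buf, size_t len, const char *drv, int unit)
{
    int n = snprintf(buf, len, "%s%d", drv, unit);
    if (n < 0 || (size_t)n >= len)
        return -1;
    return 0;
}

int main(void)
{
    char name[XNAME_LEN];
    int rc;

    /* The original "known safe" call site: short name, small unit. */
    rc = xname_format(name, sizeof name, "wd", 0);
    printf("%-16s rc=%d needs=%zu of %d\n", name, rc,
           xname_needed("wd", 0), XNAME_LEN);

    /* The same line copied to a call site with a longer name:
     * sprintf would have written 19 bytes into a 16-byte buffer. */
    rc = xname_format(name, sizeof name, "pseudoethernet", 1024);
    printf("%-16s rc=%d needs=%zu of %d\n", name, rc,
           xname_needed("pseudoethernet", 1024), XNAME_LEN);
    return 0;
}
```
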