Return to BSD News archive
Xref: sserve comp.os.386bsd.questions:11766 comp.os.386bsd.development:2331 comp.os.386bsd.misc:2795 Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!munnari.oz.au!spool.mu.edu!agate!priam.CS.Berkeley.EDU!edward From: edward@priam.CS.Berkeley.EDU (Edward Wang) Newsgroups: comp.os.386bsd.questions,comp.os.386bsd.development,comp.os.386bsd.misc Subject: Re: Why does FreeBSD 1.1.5 say gets() is unsafe? Date: 26 Jul 1994 06:58:15 GMT Organization: University of California, Berkeley Lines: 15 Message-ID: <312c67$1ae@agate.berkeley.edu> References: <30lrf3$2ii@acmez.gatech.edu> <ASAMI.94Jul25151654@forgery.cs.berkeley.edu> <311m2e$o33@agate.berkeley.edu> <311uec$4cm@GRAPEVINE.LCS.MIT.EDU> NNTP-Posting-Host: priam.cs.berkeley.edu Cc: In article <311uec$4cm@GRAPEVINE.LCS.MIT.EDU>, Garrett Wollman <wollman@ginger.lcs.mit.edu> wrote: >So your argument is that gets() is not necessarily unsafe, but always >incorrect. Interesting... Sometimes incorrect, or usually correct, which is the best we can say about any program. >I wonder what it would take to convince gets() to execute `system("rm >-rf /")'... But only your own files will be removed. Shouldn't we be taking this outside?