Even worse (was Re: Google Code Search)

Andy Armstrong andy at hexten.net
Fri Oct 6 18:11:24 BST 2006


On 6 Oct 2006, at 17:36, Lusercop wrote:
> Not a security risk in this case, per se, but a risk nonetheless.

Yes, my mistake. Sorry. I misread the OP as an implication that they  
were actual security holes.

> My personal opinion is that *any* use of gets() is bad. If you're not
> bothering with that, then what else have you done wrong?

Quite agree.

-- 
Andy Armstrong, hexten.net



More information about the london.pm mailing list