Thanks for proving Bernstein right
Posted Nov 4, 2007 18:50 UTC (Sun) by man_ls
In reply to: Thanks for proving Bernstein right
Parent article: Daniel Bernstein: ten years of qmail security
That is exactly what we don't want: that your code requires you to use obscure compiler flags (i.e. not enabled by default) or to avoid otherwise perfectly good functions (I assume you mean strcat()). C places the burden of secure programming on developers, where other languages solve many of these issues automatically.
Most security issues that actually have any impact are caused by stupid little things like these. Funny, isn't it?