gnu-arch-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Re: Tlacontrib contribution: Alternative to .listin

From: Jan Hudec
Subject: Re: [Gnu-arch-users] Re: Tlacontrib contribution: Alternative to .listing files
Date: Thu, 23 Sep 2004 08:36:44 +0200
User-agent: Mutt/1.5.6+20040818i 
On Wed, Sep 22, 2004 at 10:17:06 -0400, Stefan Monnier wrote:
> > but it's in C, so it is faster and more secure.
> 
> Hmm.... since we care about security, wouldn't it be better to use something
> else than C (like something where buffer-overflows are simply not possible)?
> Maybe Perl, Python, Scheme, Elisp, or ... ?

Perl would be nice with it's taint mode. But anyway -- it only has one
static and one allocated buffer. The static one is used with read and
write of fixed size. So there is only one for decoding the query string
and that can be checked manualy reasonably. Other buffers are only
allocated by libc (like readdir, filehandles and such). It would be
a LOT slower in perl due to the start-up time and since it get's called
for all files, it would hurt.

-------------------------------------------------------------------------------
                                                 Jan 'Bulb' Hudec 
<address@hidden>

Attachment: signature.asc
Description: Digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]