Date: Thu, 04 Jan 2001 19:47:02 -0700 From: Warner Losh <imp@bsdimp.com> To: Will Andrews <will@physics.purdue.edu> Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, current@FreeBSD.ORG Subject: Re: cvs commit: src/usr.bin/apply apply.c Message-ID: <200101050247.f052l2149361@harmony.village.org> In-Reply-To: Your message of "Thu, 04 Jan 2001 18:25:46 EST." <20010104182546.T86630@argon.firepipe.net> References: <20010104182546.T86630@argon.firepipe.net> <20010104172004.P86630@argon.firepipe.net> <200101041905.f04J5ou82617@freefall.freebsd.org> <200101041909.OAA61522@khavrinen.lcs.mit.edu> <20010104172004.P86630@argon.firepipe.net> <200101042320.f04NKm147924@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20010104182546.T86630@argon.firepipe.net> Will Andrews writes: : > I'm still not sure about the shell environment actually buying : > anything, but I could see how it might help. : : I'm not understanding what you're saying here. I'm saying I agree with Garrett in that I don't see what checking for valid shells buys us in the general case. I'm saying that maybe we might save some sloppy cgi/shell progarmmer from him/her self when the script kidz attack that script. But that's sucha large stretch that I don't see that as a win. Eg, it doesn't buy us much in real situations. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101050247.f052l2149361>