> >Since this sort of BASIC-grade programming is such a perennial problem, perhaps
> >someone should write a safe_system() to replace such calls with, that does
> >more arg checking, flushes dangerous things, warns of impending lossage, etc?
> >One or more instances of this should have been written ten years ago.
> It'd be AI-complete. How do you know what's dangerous & what's not?
> I'd rather not have people thinking safe_system() is safe when it
> really isn't.

How about doing for system() what 386BSD does for gets()?

    cobalt 67 % ./a.out
    warning: this program uses gets(), which is unsafe.

Some people might find a 386BSD-type solution a bit draconian, especially
in a production environment, but it really gets the message across.
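
The suggestion above, sketched for system() as an added example; it is not code from the post or from 386BSD. The names warned_system() and system_warning_count() are hypothetical, and the wrapper only warns, it performs no argument checking.

```c
#include <stdatomic.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical wrapper: same contract as system(), plus a one-time
 * run-time warning modelled on the gets() message quoted above. */
static atomic_flag warned = ATOMIC_FLAG_INIT;
static atomic_int warnings_issued;

static const char warning_text[] =
    "warning: this program uses system(), which is unsafe.\n";

/* Warn at most once per process, even with several threads calling in.
 * write(2) bypasses stdio, so the message is unbuffered and still
 * appears if the program has redirected or closed stdout. */
static void warn_once(void)
{
    if (atomic_flag_test_and_set(&warned))
        return;                      /* another call already warned */
    ssize_t n = write(STDERR_FILENO, warning_text, sizeof warning_text - 1);
    (void)n;                         /* nothing useful to do on failure */
    atomic_fetch_add(&warnings_issued, 1);
}

/* Drop-in for system(): arguments and return value are passed through
 * untouched, so existing callers keep working while the operator sees
 * that the program shells out. */
int warned_system(const char *command)
{
    warn_once();
    return system(command);
}

/* How many times the warning has been issued (0 or 1). */
int system_warning_count(void)
{
    return atomic_load(&warnings_issued);
}

int main(void)
{
    int status = warned_system("exit 3");  /* warning appears here */
    warned_system("exit 0");               /* second call stays silent */
    return (WIFEXITED(status) && WEXITSTATUS(status) == 3 &&
            system_warning_count() == 1) ? 0 : 1;
}
```
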
From: Steve Simmons <scs @