Its common security knowledge gets() is unsafe. It has no bounds checking. I only talk about security and ease of use. Its the only thing I like to talk about. :) I love security. from my manpages-- SECURITY CONSIDERATIONS The gets() function cannot be used securely. Because of its lack of bounds checking, and the inability for the calling program to reliably determine the length of the next incoming line, the use of this function enables malicious users to arbitrarily change a running program's func- tionality through a buffer overflow attack. --------- There are many other insecure function calls. The knowledge on how to use them properly is very nice to have. Which most people lack. Also using printf() for certain types of usage can lead to exploits. buffer overflow problems, etc. btw, I am a BSD dragon. So expect to get information like this from me ;) I bite, be careful --David Ross --- Mikael Brockman <mikael / phubuh.org> wrote: > David Ross <drossruby / yahoo.com> writes: > > > Yes, that is the 20 million story. I smile at that > one > > still. Someone please fwap() me if I ever make a > > release with a bug like that :) > > > > It is equally important in any language that > mistakes > > are not made like this. They are very dangerous. I > am > > curious on the print functions in Ruby as to if > the > > ones that are unsafe to use in certain > applicatoins > > are equally unsafe in Ruby. Of course gets() is > > unsafe, it is in every language. > > Huh? Why? > > > _______________________________ Do you Yahoo!? Win 1 of 4,000 free domain names from Yahoo! Enter now. http://promotions.yahoo.com/goldrush