In message <[EMAIL PROTECTED]> Will Andrews writes:
: > I'm still not sure about the shell environment actually buying
: > anything, but I could see how it might help.
:
: I'm not understanding what you're saying here.
I'm saying I agree with Garrett in that I don't see what checking for
valid shells buys us in the general case. I'm saying that maybe we
might save some sloppy cgi/shell progarmmer from him/her self when the
script kidz attack that script. But that's sucha large stretch that
I don't see that as a win. Eg, it doesn't buy us much in real
situations.
Warner
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
