On Fri, Sep 02, 2016 at 02:50:28PM -0400, Leo Famulari wrote: > > *shiver* Why would one implement this in an language like C, which is > > prone to buffer overflows, if there are implementations available in > > more secure languages? > > I wouldn't propose this package if it wasn't part of OpenBSD's base > system: > > http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/acme-client/
To clarify my statement, I think the OpenBSD project has a reputation for writing good C. Also they design software to fail safely, by designing privilege separation into their tools, inventing and using pledge(2), etc. This portable version of the software only gets some of those benefits, but it does get some of them. That's I didn't propose this package until I saw that it had been reviewed and adopted by OpenBSD.
