> I think that a vast majority of 'holes' in Unix programs are based on the > _DANGEROUS_ use of the system() function instead of the _MUCH_MORE_SECURE_ > fork()/exec() combination. Just beacuse the majority of `holes' you know are based on system(), doesnt mean you can make sweeping statements about the `vast majority of holes'. For example, the vast majority of holes I know are nothing to do with system(). Your mail makes some good points, but please dont spoil it with flame bait. ------------------------------------------+----------------------------------- Mailed using ELM on FreeBSD | Karl Strickland PGP 2.3a Public Key Available. | Internet: karl@bagpuss.demon.co.uk | or: karl%mvax@bagpuss.demon.co.uk