Oliver Falk wrote:
Most developers I know, don't worry about >warnings<, but do if their code aborts. If a developer then doesn't worry about the real (security) problem, but only about the abort itself and just workaround that - it's simply a fault... The other option? stderr "FIX YOUR OPEN :-P"; sleep 600. :-) If you compile the whole Fedora tree, how many warnings will you see? How many warnings are about 'better use mkstemp' - for security reasons... If you don't abort you'll not catch the developers attention... It's too bad, but true... Don't want to step on dev's toes of course - it's for sure not true for *all* developers!
I was talking about runtime warnings... Really nasty looking messages so they couldn't be ignored... steved. -- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers -- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
