Message162777
Hi Christian. It's either secure or it's not. If it's not, there is no point in introducing it at all as I don't think it's a good idea to have a kind-of-secure-but-i-dont-know functions in stdlib.
If you restrict input to bytes it looks okish, but I looked at all the code that's invoked on the C side and it's quite a lot of code. Does you or anyone else actually go and review all the C code that's called via various operations to check if it does or does not depend on the value of various characters? I can't tell myself, it's too long. |
|
Date |
User |
Action |
Args |
2012-06-14 12:16:48 | fijall | set | recipients:
+ fijall, loewis, arigo, pitrou, christian.heimes, hynek |
2012-06-14 12:16:48 | fijall | set | messageid: <1339676208.48.0.978931257844.issue15061@psf.upfronthosting.co.za> |
2012-06-14 12:16:47 | fijall | link | issue15061 messages |
2012-06-14 12:16:47 | fijall | create | |
|