Re: GTK+-1.2.9 Released

From: "J. Ali Harlow" <gtk-list avrc city ac uk>
To: Havoc Pennington <hp redhat com>
Cc: Owen Taylor <otaylor redhat com>, gtk-list gnome org, slashem-devel lists sourceforge net
Subject: Re: GTK+-1.2.9 Released
Date: Mon, 5 Mar 2001 19:14:33 +0000

On Mon, 05 Mar 2001, Havoc Pennington wrote:
> "J. Ali Harlow" <gtk-list optosun7 city ac uk> writes:
> w 
> > I do think you are being needlessly heavy handed. Even calling
> > gets(), which everybody agrees is not on, doesn't actually break the
> > application. And as I say, I will subvert the check if I have to. At
> > least if you supply a method of defeating the check you can still
> > issue a warning to the user and everything will be out in the open.
> > 
> 
> Right. Adding something like a GTK_ALLOW_INSECURE environment variable
> doesn't seem like a terrible idea, though it's too late to do so for
> 1.2.9.

Sounds good, although it probably needs to be app specific so that the user
keeps control. How about if the environment variable contained a list of apps
that the user accepted were insecure.

Naturally I realise that 1.2.9 is water under the bridge. Even I don't ask the
impossible :-)

-- 
Ali Harlow                              Email: ali avrc city ac uk
Research programmer                     Tel:   (020) 7477 8000 X 4348
Applied Vision Research Centre          Intl: +44 20 7477 8000 X 4348
City University                         Fax:   (020) 7505 5515
London                                  Intl: +44 20 7505 5515

References:
- GTK+-1.2.9 Released
  - From: Owen Taylor
- Re: GTK+-1.2.9 Released
  - From: J. Ali Harlow
- Re: GTK+-1.2.9 Released
  - From: Havoc Pennington

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]