From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Original-To: caml-list@yquem.inria.fr Delivered-To: caml-list@yquem.inria.fr Received: from concorde.inria.fr (concorde.inria.fr [192.93.2.39]) by yquem.inria.fr (Postfix) with ESMTP id C70F7BB81 for ; Sat, 19 Nov 2005 17:29:06 +0100 (CET) Received: from pauillac.inria.fr (pauillac.inria.fr [128.93.11.35]) by concorde.inria.fr (8.13.0/8.13.0) with ESMTP id jAJGT66F003792 for ; Sat, 19 Nov 2005 17:29:06 +0100 Received: from concorde.inria.fr (concorde.inria.fr [192.93.2.39]) by pauillac.inria.fr (8.7.6/8.7.3) with ESMTP id RAA11249 for ; Sat, 19 Nov 2005 17:29:05 +0100 (MET) Received: from mail.cs.unm.edu (mail.cs.unm.edu [64.106.20.33]) by concorde.inria.fr (8.13.0/8.13.0) with ESMTP id jAJGT55g003789 for ; Sat, 19 Nov 2005 17:29:05 +0100 Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.cs.unm.edu (Postfix) with ESMTP id A85E1E4141; Sat, 19 Nov 2005 09:29:04 -0700 (MST) Received: from mail.cs.unm.edu ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 22702-09; Sat, 19 Nov 2005 09:29:04 -0700 (MST) Received: from [192.168.0.3] (pcp09983606pcs.svaley01.nm.comcast.net [68.35.58.177]) by mail.cs.unm.edu (Postfix) with ESMTP id 2E601E40F8; Sat, 19 Nov 2005 09:29:04 -0700 (MST) In-Reply-To: <20051119160532.GC471@first.in-berlin.de> References: <20051119150931.GB324@first.in-berlin.de> <42E4A821-E220-4463-ABAA-C33F6EDEE833@cs.unm.edu> <20051119160532.GC471@first.in-berlin.de> Mime-Version: 1.0 (Apple Message framework v746.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <5C50D738-A431-4A69-957B-5ACB02C6B3C8@cs.unm.edu> Cc: caml-list@inria.fr Content-Transfer-Encoding: 7bit From: William Neumann Subject: Re: Yet another OCaml Webserver?! (was: Re: [Caml-list] Yet another sudoku solver (838 bytes)) Date: Sat, 19 Nov 2005 09:29:41 -0700 To: Oliver Bandel X-Mailer: Apple Mail (2.746.2) X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at cs.unm.edu X-Miltered: at concorde with ID 437F52D2.000 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)! X-Miltered: at concorde with ID 437F52D1.000 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)! X-Spam: no; 0.01; ocaml:01 caml-list:01 solver:01 oliver:01 bandel:01 buffer:01 recompile:01 buffer:01 838:98 0490:98 curl:98 chocolate:98 pet:98 men's:98 billy:98 X-Spam-Checker-Version: SpamAssassin 3.0.3 (2005-04-27) on yquem.inria.fr X-Spam-Level: X-Spam-Status: No, score=0.9 required=5.0 tests=PLING_QUERY autolearn=disabled version=3.0.3 On Nov 19, 2005, at 9:05 AM, Oliver Bandel wrote: > ... works well: > > "CAN-2005-0490 - Buffer Overflows in cURL bei Kerberos und NTLM > Authentizizierung" Fine. So recompile it with something like this . Buffer overflows are just one aspect of secure code, and there's no guarantee that a re- implementation of something like libcurl wouldn't be peppered with security flaws of a different color. That's not to say it shouldn't be done. And if it's a tool that you use a lot and that you think could be mode even better, then go for it, that's great. Hell, I might even help out if the project interests me somehow. But for now, if I need a one-off tool for doing something curl-esque, it's a much better use of my time to wrap an existing library. William D. Neumann "I eat T-bone steaks, I lift barbell plates, I'm sweeter than a German chocolate cake. I'm the reflection of perfection, the number one selection. I'm the man of the hour, the man with the power, too sweet to be sour. The ladies' pet, the men's regret, where what you see is what you get, and what you don't see, is better yet." --Superstar Billy Graham