* Posts by rwessman

2 publicly visible posts • joined 4 Mar 2019

The day I took down the data centre- I mean, the day I saved the day. Right, boss?

rwessman

Re: That's interesting

That trick never works. Years ago at a former company, there was a disk maintenance tool with the potential to be very destructive if used incorrectly. In fact, it would issue a "Are you sure? (y/n)" prompt twice.

To which customers wrote wrappers like:

dpmaint << END

y

y

END

Did you hear the one about Cisco routers using strcpy insecurely for login authentication? Makes you go AAAAA-AAAAAAArrg *segfault*

rwessman

Re: I'm thinking...

It's probably a lack of code review. In my experience, these kinds of bugs occur frequently in in-house code as well. I've been telling developers to not use strcpy() for years.