On Fri, Mar 06, 2015 at 09:14:07AM GMT, ludovic coues wrote: > I believe Theo already told what's wrong with SQLite. His words were > "The code uses risk-prone idioms." if I'm not mistaken.
He had, indeed, in a reply to Marc's email - I was replying to his earlier email so hadn't seen that one yet. Besides, initially Jan asked Ingo to expand on the subject and it would be nice to "hear" it from him - as I've mentioned before, Marc and Stefan weren't *that* strongly concerned about it so, as you can see, opinions vary and it would be still nice to know what Ingo had in mind :^) > A lot of arguments advanced to keep lynx where basically "don't act > unless there is a security issue". From what I see, OpenBSD dev act > against code which might be source of issue. That's why there is so > few vulnerabilities in base. The bad code was already gone when those > are found in other OS. The question was about 'sqlite' - we hadn't mentioned anything about 'lynx'. On reflection, this probably wasn't the best thread to ask more questions, in ;^) > By the way, is there a list a common risk-prone idioms ? +1 Cheers, Raf