On Thu, Nov 22, 2007 at 02:34:27PM +1100, Steve Bennett wrote:
Would the developers (or users, for that matter) be
likely to trust a
pure parser solution? It seems to me that it's a lot easier simply to
scan the resulting output looking for bad bits, than it is to attempt
to predict and block off all the possible routes to producing nasty
code.
My opinion is that each block of code should do it's think, and no one
else's thing. DJB's a whackjob, but on this point, he hews correctly
to those who created this OS we pray to daily...
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra(a)baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates
http://baylink.pitas.com '87 e24
St Petersburg FL USA
http://photo.imageinc.us +1 727 647 1274
Witty slogan redacted until AMPTP stop screwing WGA