On Sun, Mar 13, 2011 at 4:48 PM, Jeffrey Walton <[email protected]> wrote: > Be careful of this sort of functionality, especially when an adversary > controls the event. In essence, the event should be consider > "untrusted user input".
Unless I'm missing something, I don't see how this is any more dangerous than calling select(2). I mean, yes, if someone writes to a pipe, and you read from it, then you'll read what they wrote. The same caution applies to any external data: sockets, files on disk, shared memory… --Kyle Sluder _______________________________________________ Cocoa-dev mailing list ([email protected]) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [email protected]
