On Tue, Feb 28, 2006 at 12:47:33PM -0500, solar wrote: > I forget where I read it but I thought that unicode lead to overflows > and was considered a general security risk. I wish I knew where I read > that but I'm unable to find it. > > Any list readers know anything relating to that? > It's true that many overflows have been found in unicode aware applications, like the zillion unicode overflows in Internet Explorer for example. But that shouldn't lead to considering unicode a general security risk in my mind even though the apache team uses ascii in the default configuration to protect against bugs in poorly written applications.
Regards, Bryan Østergaard -- [email protected] mailing list
