Ciaran McCreesh wrote:
100 bytes is more than enough room to download and execute a file that contains the real malicious code.
I actually agree that it is extremely unlikely that a length check would make modelines more secure, but I'm being argumentative because it's irritating to be authoritatively assured that a length check would have no benefit in the future. We just don't know whether some future vulnerability (perhaps using a currently-unknown new feature) might be avoided with a modeline length check. John
