How so? We aren't talking about strcpy(), just strcmp(), and all the strings in question should be nul-terminated (if they aren't then mem* routines should be used and more length checks would be needed; there are also timing attacks to worry about if we're considering all the possible issues).
But normally strncmp isn't safer than strcmp. They just do different things.
