Jonathan Nieder <jrnieder@xxxxxxxxx> writes: > Is there anything we can or should do to prevent people checking in > new examples of paths with backslash in them (on all platforms)? I obviously won't dictate what should happen on Windows, but I think the overall principle for paths recorded in a tree object that can be problematic on some of the platforms ought to be: * fsck and transfer.fsckobjects should be taught to notice offending characteristics (e.g. has a backslash in it, is one of the "reserved names" on some platform like LPT1). * if paths with the offending characteristics are *so* obviously useless in real life and are possible only in a crafted path that is only useful to attack users, the check in fsck should default to "reject" to help the disease spread via hosting sites. * otherwise, the check should be to "warn" but not "reject", so that projects can keep using paths that may problematic on platforms that do not matter to them. I think LPT1 and friends fall into the "warning is fine" category, and a path component that contains a backslash would fall into the "this is an attack, just reject" category.
