Kohei KaiGai wrote:
2011/4/16 Joshua Brindle<method@xxxxxxxxxxxxxxx>:
Kohei KaiGai wrote:
This patch allows to accept percent-encoded object name as the forth
argument of /selinux/create interface to avoid possible bugs when we
supply an object name that includes whitespace or multibytes.
Why not use standard bash escaping instead of html entities?
Does bash has a way to escape multibyte characters safety?
Here are various number of multibyte encoding systems rather than unicode.
For example, Japanese has three major encoding; EUC, JIS and Shift-JIS.
If we try to use the code 0x5c ('\') as escape sequence, we may have
possible trouble on the Shift-JIS environment, because it contains several
characters that use 0x5c as second character.
The bad news is Shift-JIS was the default encoding system delivered from
MS-DOS, so it is still popular on Linux systems migrated from legacy ones. :-(
Of course, we have many language support, I don't know what side effects
may happen on a particular environment.
So, it seems to me the assumption of percentage-encoding is enough
conservative to deliver an object name from userspace to kernel.
Actually, this all seems moot since the current userspace labeling
doesn't handle multibyte encoding.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
