Re: [chip@xxxxxxxxxx: Bug#206476: Too many characters are considered 'bad' in extracted binaries]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


According to Booker Bense:
> if it can be interpreted by the shell it should not be in a filename
> that you download over the internet.  The BADCHARS list was created
> from experience with the kind of exploits common when trn was under
> active development [...]

But modern shells didn't exist then.  Shall I enumerate the
punctuation marks that are *not* metacharacters to zsh and/or bash?
It's a short list.  Conversely, modern shells have tab-completion that
automatically uses quotes and backslashes to turn any filename safe.
The only untenable situation seems to be the status quo.

Failing a consensus (which seems distant), perhaps BADCHARS could be
made a configuration item?  One more of those couldn't hurt.
Chip Salzenberg               - a.k.a. -               <>
"I wanted to play hopscotch with the impenetrable mystery of existence,
    but he stepped in a wormhole and had to go in early."  // MST3K

This email is sponsored by:ThinkGeek
Welcome to geek heaven.

[Index of Archives]     [Photo]     [Yosemite]     [Epson Inkjet]     [Mhonarc]     [Nntpcache]

  Powered by Linux