From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tomas Mraz Subject: Re: [PATCH] Fix acct quoting in audit_log_acct_message()) Date: Wed, 05 Mar 2008 16:21:29 +0100 Message-ID: <1204730489.12783.56.camel@vespa.frost.loc> References: <47CEA640.7090903@redhat.com> <1204726281.12783.51.camel@vespa.frost.loc> <47CEB674.8020104@redhat.com> Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <47CEB674.8020104@redhat.com> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: John Dennis , linux-audit@redhat.com List-Id: linux-audit@redhat.com On Wed, 2008-03-05 at 10:04 -0500, John Dennis wrote: > >>> a) byte sequences with the following special characters encoded as %XX > >>> where XX is hexadecimal value of the encoded byte. Special characters > >>> are: bytes with value <= 0x20 or >= 0x7F, '%', '(', ')', and '='. > >> Perhaps we should reserve more characters for future features - at least > >> '"', '\'' and '\\', maybe everything but [a-zA-Z0-9_-]. > > Lets not invent YAES (Yet Another Encoding System). The world already > has enough :-) There is value in sticking with known encodings, many > programmers are instantly familiar with them and there is a raft of > working code to support them. Off the top of my head I can think of: > > 1) backslash escapes with embedded octals > 2) quoted printable > 3) base64 > 4) xml entities 5) url encoding - which is what I proposed and is most efficient and readable (well it is equivalent to quoted printable except it uses % instead of = which we cannot use as it has already a meaning as name value separator) -- Tomas Mraz No matter how far down the wrong road you've gone, turn back. Turkish proverb