From: Paul Stewart <stewart@parc.com>
To: Guy <bugzilla@watkins-home.com>
Cc: 'Jan Hudec' <bulb@ucw.cz>, 'Matthew Wilcox' <willy@debian.org>,
viro@parcelfarce.linux.theplanet.co.uk,
'Bryan Henderson' <hbryan@us.ibm.com>,
linux-fsdevel@vger.kernel.org,
"'Joseph D. Wagner'" <theman@josephdwagner.info>
Subject: Re: RFC: Illegal Characters in File Names
Date: Tue, 20 Jul 2004 15:11:18 PDT [thread overview]
Message-ID: <1090361478l.2419l.0l@orlando> (raw)
In-Reply-To: <200407202149.i6KLn7318302@watkins-home.com> (from bugzilla@watkins-home.com on Tue, Jul 20, 2004 at 14:49:07 -0700)
On 2004.07.20 14:49, Guy wrote:
> What about:
> ls|more
Hm.. I've tried this under rxvt, xterm and gnome-terminal and none of
these respond to the "ls | cat", "ls" or "ls | more" scenarios in any
unexpected way. I think we're straying from the point. If the
argument is "the filesystem should change because some terminal
applications might be coerced into responding in vulnerable ways", the
answer is that the terminal application should be changed.
This is not just about philosophical purity or laziness about who
should "protect the user". There are various vectors for getting at
the output to the terminal. "ls | cat" is only one of them. I could
imagine mail content, and even file content being vulnerable. If you
saw a file in /tmp/ named "README_GUY", wouldn't you be the least bit
tempted to have a look at what was inside? If we're going to follow
this branch of the argument, we've got to correctly determine the
threat to terminals and consider changes to the terminal to truly have
a story about preventing them. Alas, this discussion is out of scope
for fs-devel.
--
Paul
next prev parent reply other threads:[~2004-07-20 22:11 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-07-19 0:41 RFC: Illegal Characters in File Names Joseph Wagner
2004-07-19 8:47 ` Jan Hudec
2004-07-19 19:21 ` Joseph D. Wagner
2004-07-19 20:08 ` Pat LaVarre
2004-07-19 20:54 ` Joseph D. Wagner
2004-07-20 6:33 ` Jan-Benedict Glaw
2004-07-20 16:25 ` Joseph D. Wagner
2004-07-20 20:42 ` Stephen Rothwell
[not found] ` <20040720162549.857014B7E7@dvmwest.gt.owl.de>
2004-07-20 16:52 ` Jan-Benedict Glaw
[not found] ` <20040719192145.50750578E5@jabberwock.ucw.cz>
2004-07-19 21:01 ` Jan Hudec
2004-07-20 16:40 ` Bryan Henderson
2004-07-20 16:54 ` Guy
2004-07-20 18:10 ` viro
2004-07-20 20:44 ` Guy
2004-07-20 21:27 ` Matthew Wilcox
2004-07-20 21:37 ` Jan Hudec
2004-07-20 21:40 ` Matthew Wilcox
2004-07-20 21:45 ` Jan Hudec
2004-07-20 21:49 ` Guy
2004-07-20 22:04 ` Jan Hudec
2004-07-20 22:11 ` Paul Stewart [this message]
2004-07-20 22:16 ` Joseph D. Wagner
2004-07-21 12:26 ` Jan-Benedict Glaw
2004-07-21 15:28 ` Guy
2004-07-21 16:25 ` Jan-Benedict Glaw
2004-07-21 12:24 ` Jan-Benedict Glaw
2004-07-20 21:41 ` Bryan Henderson
2004-07-21 12:21 ` Jan-Benedict Glaw
2004-07-21 15:25 ` Guy
2004-07-22 18:04 ` Matthew Wilcox
2004-07-22 18:35 ` Guy
2004-07-20 20:57 ` Jan Hudec
2004-07-20 21:09 ` Guy
2004-07-20 21:36 ` Jan Hudec
2004-07-20 22:13 ` viro
2004-07-20 22:44 ` Jan Hudec
2004-07-20 22:51 ` viro
2004-07-20 23:30 ` Guy
2004-07-21 20:25 ` Bryan Henderson
2004-07-22 3:17 ` John Newbigin
2004-07-22 3:24 ` Matthew Wilcox
2004-07-22 6:01 ` viro
2004-07-22 22:12 ` Bryan Henderson
2004-07-22 14:51 ` Jan-Benedict Glaw
2004-07-22 22:44 ` Bryan Henderson
2004-07-22 22:47 ` Jan Hudec
2004-07-23 18:10 ` Bryan Henderson
2004-07-20 23:52 ` John Newbigin
2004-07-21 3:26 ` Joseph D. Wagner
2004-07-21 4:15 ` viro
2004-07-21 5:03 ` Guy
2004-07-21 12:28 ` Jan-Benedict Glaw
2004-07-21 15:30 ` Guy
2004-07-21 16:26 ` Jan-Benedict Glaw
2004-07-21 16:33 ` Jan Hudec
2004-07-21 16:41 ` Guy
2004-07-21 17:01 ` Jan Hudec
2004-07-20 22:16 ` Joseph D. Wagner
2004-07-21 12:43 ` Jan-Benedict Glaw
2004-07-20 22:31 ` viro
2004-07-20 18:27 ` Bryan Henderson
2004-07-19 9:26 ` Matthew Wilcox
2004-07-19 19:21 ` Joseph D. Wagner
[not found] ` <E1BmdhG-0004NG-00@master.debian.org>
2004-07-20 2:43 ` Matthew Wilcox
2004-07-20 3:16 ` Joseph D. Wagner
2004-07-20 8:45 ` Jan Hudec
2004-07-20 16:25 ` Joseph D. Wagner
2004-07-20 16:41 ` Guy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1090361478l.2419l.0l@orlando \
--to=stewart@parc.com \
--cc=bugzilla@watkins-home.com \
--cc=bulb@ucw.cz \
--cc=hbryan@us.ibm.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=theman@josephdwagner.info \
--cc=viro@parcelfarce.linux.theplanet.co.uk \
--cc=willy@debian.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).