Re: RFC: Illegal Characters in File Names

[Jan-Benedict Glaw <jbglaw@lug-owl.de>]

[-- Attachment #1: Type: text/plain, Size: 2631 bytes --]

On Tue, 2004-07-20 17:16:57 -0500, Joseph D. Wagner <theman@josephdwagner.info>
wrote in message <S266335AbUGTWQ6/20040720221658Z+360@vger.kernel.org>:
> > What security risk?  You mean running applications written by lusers?
> 
> But that's the million dollar question, Regis.  How do you know if the
> application is any good or not?  Not every program that runs on Linux

When it's a FSF GNU application and some 10 years around, I tend to
think that it's old enough to have all major problems removed.

> is open source.  Not every end user running Linux is skilled enough to
> read the source code.

I think you'll face a hard time finding such badly written software on
most systems, and especially those ran (sp?) by root are not of that
slice. (Except root is incompetent and likes to start KDE or Gnome...)

> And don't give me that crap about how a proprietary company's software
> is implied to be better.  Microsoft is a multi-billion dollar
> proprietary software company, and they can't even fix bugs in IE.
> How can you place such demands on other programmers?

In Germany, we've got sentence, "Ist der Ruf erst ruiniert, lebt sich's
völlig ungeniert", meaning something like if you did some bad things,
nobody will mind if you do even more of them.

Open source programmers will get blamed *personally* for the bullshit
they produce. Nobody likes to write security advisories. It's *pain*. At
large software companies, there's no such blame, no such pain. I guess
commonly those people writing the advisories won't have seen the code at
all. Bugs just happen as systemic failures, nobody is personally blamed
for them. That's different for open-sources software, because you know
the author, sometimes even personally.

> I'm afraid, however, that Bryan Henderson's analysis is correct when he said:
> 
> > This is the well known conflict between what's
> > philosophically right and what's practical. [trimmed]
> > So even though filesystem design shouldn't have to
> > solve that problem, it's a very practical place to
> > solve it.
> 
> I'm afraid this won't happen until it's a file system option.

If you were to introduce an additional "check_filename()" system call,
you'd just put a function of the very same name into the application...

MfG, JBG

-- 
   Jan-Benedict Glaw       jbglaw@lug-owl.de    . +49-172-7608481
   "Eine Freie Meinung in  einem Freien Kopf    | Gegen Zensur | Gegen Krieg
    fuer einen Freien Staat voll Freier Bürger" | im Internet! |   im Irak!
   ret = do_actions((curr | FREE_SPEECH) & ~(NEW_COPYRIGHT_LAW | DRM | TCPA));

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]