From mboxrd@z Thu Jan 1 00:00:00 1970 From: Cody P Schafer Subject: Re: [BUG] NTFS code doesn't sanitize folder names sufficiently Date: Wed, 01 Aug 2012 16:16:01 -0700 Message-ID: <5019B8B1.7090902@linux.vnet.ibm.com> References: <501189DA.4030709@enkore.de> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: linux-fsdevel@vger.kernel.org, LKML To: Marian Beermann Return-path: Received: from e33.co.us.ibm.com ([32.97.110.151]:35291 "EHLO e33.co.us.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753498Ab2HAXQi (ORCPT ); Wed, 1 Aug 2012 19:16:38 -0400 Received: from /spool/local by e33.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Wed, 1 Aug 2012 17:16:37 -0600 In-Reply-To: <501189DA.4030709@enkore.de> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: > The solution to this would be to disallow creation of files and > folders on NTFS drives containing illegal characters. Illegal characters with respect to Windows & the like are different from Illegal characters with respect to the NTFS filesystem structure. Looking at ntfs-3g(8) [yes, I'm aware that is a different driver that this bug is about], the section on Windows Filename Compatability says this: [...] all characters are allowed except '/' and '\0'. This is perfectly legal on Windows, though some application may get confused. The option windows_names may be used to apply Windows restrictions to new file names. To recap: no data will be lost due to using '\' in filenames. Some operating systems just may not be capable off accessing it. -- Cody