From: Mike Ayers (mike.ayers@tumbleweed.com)
Date: Tue Dec 14 2004 - 15:13:50 CST

> From: unicode-bounce@unicode.org
> [mailto:unicode-bounce@unicode.org] On Behalf Of Peter Kirk
> Sent: Tuesday, December 14, 2004 11:32 AM

> This is a design flaw in Unix, or in how it is explained to
> users. Well, Lars wrote "Basically, you are not supposed to
> use strcpy to process filenames." I'm not sure if that is his
> opinion or someone else's, but the only safe way out of this
> mess is never to process filenames as strings.

As mentioned by Kenneth, Lars was speaking from the wrong orifice
when he said that.

Also, it appears that the term "string" is being used too much and
without qualification. The entire focus of this thread is on what happens
when unqualified bytes (filenames) get qualified (by locale), so it would
behoove us all to qualify all the strings we're talking about. For
instance, Peter's last clause above bifurcates into:

"...but the only safe way out of this mess is never to process
filenames as UTF-8 strings."

and:

"...but the only safe way out of this mess is always to process
filenames as opaque C strings."

which was mentioned early on in this thread, but Lars does not wish
to do this.

> This may be called a "trick" but it looks like it could very
> easily be a security hole. For example, a filename 0x41 0x08
> 0x42 will be displayed the same as just 0x42, in a Latin-1 or
> UTF-8 locale. Your friend's trick has become an open door for
> spoofers.

Exactly why 0x08 was banned in filenames, as I recall.

/|/|ike
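
Added example (not part of the original message or thread): a C routine that keeps a filename as an opaque C string and escapes every byte outside printable ASCII before it is shown, so the 0x41 0x08 0x42 name quoted above can no longer render the same as 0x42. The function name `display_name`, the `\xNN` escape style and the sample names are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Render a filename (opaque, NUL-terminated bytes) for a terminal or log.
 * Printable ASCII is copied unchanged. Every other byte becomes \xNN:
 * C0 controls such as 0x08, DEL, and bytes >= 0x80, whose meaning depends
 * on the locale. Backslash is escaped too, so the output is unambiguous.
 * Returns the number of escaped bytes, or -1 if `out` is too small. */
int display_name(const char *name, char *out, size_t outlen)
{
    static const char hex[] = "0123456789ABCDEF";
    const unsigned char *p;
    size_t o = 0;
    int escaped = 0;

    if (outlen == 0)
        return -1;
    for (p = (const unsigned char *)name; *p; p++) {
        int plain = (*p >= 0x20 && *p < 0x7F && *p != '\\');
        size_t need = plain ? 1 : 4;
        if (o + need + 1 > outlen)      /* keep room for the final NUL */
            return -1;
        if (plain) {
            out[o++] = (char)*p;
        } else {
            out[o++] = '\\';
            out[o++] = 'x';
            out[o++] = hex[*p >> 4];
            out[o++] = hex[*p & 0x0F];
            escaped++;
        }
    }
    out[o] = '\0';
    return escaped;
}

int main(void)
{
    /* Constructed sample names: the spoofing name from the thread and its look-alike. */
    const char spoof[] = { 0x41, 0x08, 0x42, 0 };
    const char plain[] = { 0x42, 0 };
    char buf[64];

    if (display_name(spoof, buf, sizeof buf) > 0)
        printf("suspicious name: %s\n", buf);
    if (display_name(plain, buf, sizeof buf) == 0)
        printf("clean name:      %s\n", buf);
    return 0;
}
```

The return value doubles as a detection signal: any name with a nonzero count contains bytes that a locale or terminal could reinterpret.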
This archive was generated by hypermail 2.1.5 : Tue Dec 14 2004 - 15:15:59 CST