On Thu, Feb 21, 2002 at 03:10:53AM -0500, Glenn Maynard wrote: > On Thu, Feb 21, 2002 at 01:26:33PM +0900, Gaspar Sinai wrote: > > One thing that's bound to be lost in the transition to UTF-8 filenames: > the ability to reference any file on the filesystem with a pure CLI. > If I see a file with a pi symbol in it, I simply can't type that; I have > to copy and paste it or wildcard it. If I have a filename with all > Kanji, I can only use wildcards.
that is inevitable, unfortunately (copy&paste should be improved, at least on console) > > A normalization form would help a lot, though. It'd guarantee that in > all cases where I *do* know how to enter a character in a filename, > I can always manipulate the file. (If I see "cár", I'd be able to "cat > cár" and see it, reliably.) sorry, but that is just plain impossible. For one thing, the "c" can quite well be U+04AB, CYRILLIC SMALL LETTER ES, ditto for other letters. But I agree that normalization can save us a lot of headache. > > I don't know who would actually normalize filenames, though--a shell > can't just normalize all args (not all args are filenames) and doing it > in all tools would be unreliable. Input method should produce normalized characters. Since most filenames are somehow produced via human operation, it would catch most of pathological cases. > > A mandatory normalization form would also eliminate visibly duplicate > filenames. you mean _equivalent_ filenames (with regard to combining characters, LTR marks etc.) but not with regard to same glyphs - that is rather impossible to achieve. > Of course, it can't be enforced, but tools that escape > filenames for output could change unnormalized text to \u/\U. that would be sensible On Thu, Feb 21, 2002 at 05:41:37PM +0900, Gaspar Sinai wrote: > > > What I was thinking is this: > > NFS server may export something that is meant to be the > same but in fact, because of lack of mandatory normalization, > it is different what the client tries to mount. Is it possible > for someone to use the same machine and export a different > volume with the same name as the client expects? No, at least not under UNIX. Only root can do NFS export, and when you are already root you can do pretty much whatever you want. Possibilities for attacks include tricking someone into seeing something which does not exist - but as long as the tools used to display things are sensible and limit the scope of control characters to the filename (I am thinking about RTL marks here), it should be no worse than creating a filename ending in space under current situation. > > It may be a different question but can the machine name > be played with? Can this have an affect to the name of the > machine itself or only directories and filenames? > that is up to DNS - well, tricks like naming your www server "www.оnlinebanking.com" where the first "o" is cyrillic and tricking clients into thinking they are entering their passwords into secure and genuine "www.onlinebanking.com" are very real, and already used even with ASCII names - see the linux kernel mailing list discussion about [EMAIL PROTECTED] (not transmeta) address. The same can be applied to NFS - but you have to trick the user to mount the wrong server somehow. It is easier with www, when they just click on innocently looking link. -- ----------------------------------------------------------- | Radovan Garabik http://melkor.dnp.fmph.uniba.sk/~garabik/ | | __..--^^^--..__ garabik @ melkor.dnp.fmph.uniba.sk | ----------------------------------------------------------- Antivirus alert: file .signature infected by signature virus. Hi! I'm a signature virus! Copy me into your signature file to help me spread! -- Linux-UTF8: i18n of Linux on all levels Archive: http://mail.nl.linux.org/linux-utf8/
