Joel Rees said: >> That said, the standard provides just enough facilities to make >> filesystem-related aspects of Unicode work nicely, particularily in case >> of utf-8. Eg. ability to enforce NFD for all operations on file names >> could actually make several things more secure by preventing homograph >> attacks. > > I think this assertion is a bit optimistic, and not just given your > following caveat.
Provided that I have to cope with Unicode file names every day, I just can't see more pessimistic approach then just allowing arbitrary Unicode codepoints with no sanitization whatsoever. Every now and then I have to use printf(1) and xclip(1x) just because there is no other way to address a file or identify all codepoints of its name. From here I don't see ability to enforce policy on Unicode strings as something as useless as you put it. -- Dmitrij D. Czarkoff
