On Sat, Nov 29, 2014 at 09:48:53PM +0100, Dmitrij D. Czarkoff wrote: > That said, the standard provides just enough facilities to make > filesystem-related aspects of Unicode work nicely, particularily in case > of utf-8. Eg. ability to enforce NFD for all operations on file names > could actually make several things more secure by preventing homograph > attacks.
How do you 'enforce' NFD? Let the kernel normalize (ie /destructively/ transform) the file names behind user's back, so that a file will be listed with a different name than that with which it was created? That's very nice and secure, indeed. Reject file names that are not in NFD? But if you're into preventing people from using file names they want to use and have used without problems until now, why not just go all the way back to uppercase + the dot? And btw, normalization won't do much about 'homographs': $ echo > ∕еtс∕раsswd $ rm ∕еtс∕раsswd $
