Re: Valid characters on one o/s are invalid on another

[Michel Arboi <arboi () yahoo com>]

--- "Kayne Ian (Softlab)" <Ian.Kayne () softlab co uk> a écrit :
> Files started "dissapearing" from the CD etc... Didn't go
> much further than this...

I do not think that you can go much further, unless the "strange"
characters are converted to something else. It would then be possible
to overwrite system files while displaying weird names in the Winzip
(or anything else) interface.
_If_ such an exploit exists, it would probably concern a specific
client (e.g. command line unzip but not winzip...)

BTW, some people ran into this problem years ago.
In the old days, I read some parts of the POSIX specifications about
this. I was on an OpenVMS environment, trying to use lex and yacc in
the POSIX subsystem. VMS did not allow several dots in a file name, so
the "POSIX" lex command generated lex_yy.c and yacc ytab.c (instead of
lex.yy.c & y.tab.c). This was allowed by POSIX (so I could not trash
the VMS for "legal" reasons <grin>).
It then crossed my mind that worse problems could arise with cpio and
tar. POSIX said that if those commands encountered a file that could
not be created because of limitations of the underlying file system,
they may rename it, or just drop it.



___________________________________________________________
Do You Yahoo!? -- Pour faire vos courses sur le Net, 
Yahoo! Shopping : http://fr.shopping.yahoo.com