Retain orig. filename as suffix for tmp. filename
Adam Byrtek / alpha
alpha at student.uci.agh.edu.pl
Mon Feb 24 10:05:57 UTC 2003
On Mon, Feb 24, 2003 at 02:22:16AM -0500, Pavel Roskin wrote:
> If you preserve the whole filename, you are more likely to have spaces for
> some other special characters in the filename. Some programs have
> problems with spaces in the filename (e.g. rpm 4.1).
>
> Even worse, some programs could be exploited by giving them bogus
> filenames as arguments. I like your idea, but the security issue should
> be addressed (actually, it exists already because the extension can have
> bad stuff too).
Is filtering it with is_printable() and substituting spaces with '_'
enough?
Regards
--
_.|._ |_ _. : Adam Byrtek /alpha/
(_|||_)| |(_| : email alpha@(irc.pl|debian.org)
| : jabber alpha.pl(at)jabber.org, pgp 0xB25952C0
More information about the mc-devel
mailing list