Hello, Greg!
> If anyone really and truly believes that it should be possible to
> include any character except perhaps '/' and '\0' in a filename then I
>From GNU Coding Standards (by RMS):
Utilities reading files should not drop NUL characters, or any other
nonprinting characters @emph{including those with codes above 0177}. The
only sensible exceptions would be utilities specifically intended for
interface to certain types of terminals or printers that can't handle
those characters.
I don't think all GNU programs support '\0', but e.g. GNU sed does.
> would no doubt result. Unix tools have already gone to great lengths to
> hide conflicts between configuration and script syntax, and filename
> syntax, though of course some tools go much further than others to this
> end (eg. sh vs. make) and usually in direct proportion to the generality
> of the tool, though sometimes in proportion to the complexity of syntax
> they support.
I think the most essential here is the ability to deal with unsafe
environment. I.e. "sh" can be used in CGI scripts for processing
user-supplied data. I wouldn't use "make" in CGI scripts.
Secure tools should at least provide "bounded undefined behaviour" for
unsecure input, i.e. they may do weird things, but in no event are they
allowed to break security in a way unexpected for a "reasonable" system
administrator.
All this is quite irrelevant to Autoconf. People using it are not
crackers. They can only cause problems for themselves if they use strange
filenames.
If we can deal with ":" - fine, if we cannot - no problem.
Regards,
Pavel Roskin
