At 07:10 AM 6/9/01 -0700, Randal L. Schwartz wrote:
> >>>>> "Jeff" == Jeff Yoak <[EMAIL PROTECTED]> writes:
>
>Jeff> At 05:11 PM 6/8/01 -0500, Karen Cravens wrote:
> >> On 8 Jun 2001, at 14:33, Randal L. Schwartz wrote:
> >>
> >> > No, because newlines are the delimiters for sh's "read" operator.
> >>
> >> Is it just me, or does anyone else think newlines in filenames are
> >> Evil Incarnate regardless?
>
>Jeff> It's not just you. :-)
>
>But that doesn't matter. If you don't plan for it, someone will
>create a path with a newline to DELIBERATELY break your code
>and potentially open up a security hole.
Certainly. And I *am* cautious about such things. It is because things
like newlines and semicolons in filenames are generally someone trying to
do something malicious that I agreed that they are a bit evil. That
doesn't imply to me that they should be ignored.
Cheers,
Jeff
