- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Mon, 19 Nov 2007 07:37:13 +0100
- To: "Marcos Caceres" <marcosscaceres@gmail.com>
- Cc: "public-appformats@w3.org" <public-appformats@w3.org>
* Marcos Caceres wrote: >My feeling is to go with option 2, but warn implementers that they should be >prepared to deal with path lengths that are longer than that allowed by the >file system. I would expect, in any case, the specification to warn against giving possibly untrusted content control over the names of files on the disk. There are the obvious portability issues concerning lenth restrictions and usable characters but also security issues with special characters, special file names, special files and other things, as an implementer, I would certainly try hard to avoid simply extracting an archive file to disk. -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de 68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Monday, 19 November 2007 06:37:21 UTC