Unix/Linux/POSIX typically allow almost any byte in a filename, but this flexibility is the source of many problems and vulnerabilities.
This problem is described in "Fixing Unix/Linux/POSIX Filenames: Control Characters (such as Newline), Leading Dashes, and Other Problems" (http://www.dwheeler.com/essays/fixing-unix-linux-filenames.html). Ways of writing shell programs to work around this are discussed in "Filenames and Pathnames in Shell: How to do it correctly" (http://www.dwheeler.com/essays/filenames-in-shell.html). One approach, which does not have some of the problems of other approaches, is to use encodef... which is this package.
License
MIT LicenseFollow encodef
Other Useful Business Software
Our Free Plans just got better! | Auth0
You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
Rate This Project
Login To Rate This Project
User Reviews
-
dwheeler has a well reasoned, competently engineered, and thoroughly tested approach to proofing shell scripts against the vulnerabilities and unfortunate side effects that fundamentally flawed (but evolving) inbuilt methods of handling globing and pathnames enable. His brief essays on this subject are worth careful study and frequent review.