HPE Community
Operating System - HP-UX
1825689 Members
3580 Online
109686 Solutions
New Discussion

ftpaccess path-filter question on allowed characters

 
SOLVED
Go to solution
Jeff Carlin
Frequent Advisor

‎04-14-2005 01:48 AM

‎04-14-2005 01:48 AM

ftpaccess path-filter question on allowed characters

The example to use for the path-filter section in the ftpaccess is "^[-A-Za-z0-9_\.]*$ ^\. ^-" which restricts spaces and several other special characters. We have a lot of windows clients that attempt to send files with commas or spaces in the file name. I have changed the path-filter to allow this, but I am concerned that the default was restrictive for a reason. Does anyone know why spaces and commas, as well as other special characters, were excluded? Are there security concerns? Was it just to keep wierd file names from being uploaded into the directory?
Where wisdom is called for, force is of little use. --Of course, a hammer does wonders for relieving stress.
0 Kudos
Reply
2 REPLIES 2
A. Clay Stephenson
Acclaimed Contributor

‎04-14-2005 02:13 AM

‎04-14-2005 02:13 AM

Solution

Re: ftpaccess path-filter question on allowed characters

From the perspective of UNIX, the only character that can't be in a filename is "/". Whitespace is perfectly legal but is generally avoided. If you like, you can even embed control characters. Most shell scripts do most quote pathnames so that those with whitespace are parsed incorrectly.

If you allow very loose filename construction be prepared for some jumping through hoops in your cleanup scripts.

Personally, I think allowing whitespace in filenames is state-of-the-art stupid but nobody asked me.


If it ain't broke, I can fix that.
Reply
Jeff Carlin
Frequent Advisor

‎04-14-2005 03:28 AM

‎04-14-2005 03:28 AM

Re: ftpaccess path-filter question on allowed characters

I agree with you. So, you don't see any potential security problems. I can deal with the annoyance of wacko filenames.
Where wisdom is called for, force is of little use. --Of course, a hammer does wonders for relieving stress.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.