> For malformed Unicode or such, it'd make sense, yeah. Not really. It's legitimate to have bad unicode in a directory, or have a file system where some users are still in 8bit Russian encoding and some are unicode for example.
The fix for this has always been the same - don't use shell script and similar things (php for example) where incorrect quoting causes you to execute random attacker code. As most of the waya to attack a shell script are printable symbols like $, ; ` and * you aren't going to save anyone by adding hacks to the VFS. Alan
