[skissane]

> Now, implementation in ntfs.sys is another thing and I have no idea if it's just an unused code path or if something would explode,

ntfs.sys has validation checks in it which prevent you from directly creating anything other than named or unnamed $DATA attributes on a regular file, and named $DATA attributes on a directory, and (indirectly) creating other stuff (directories, file names, standard attributes, EAs) through the appropriate APIs. If you try to do anything funky, you'll get an "Access Denied" error code returned by ntfs.sys

[p_l]

I was thinking more of "ntfs.sys encounters filesystem structure with names set for normally unnamed attributes".

The API preventing arbitrary messing up is a separate (and good and valid) concern.

[skissane]

> I was thinking more of "ntfs.sys encounters filesystem structure with names set for normally unnamed attributes".

From reading the source code of the Linux kernel NTFS driver (the ntfs3 one in the latest Linux kernel, not the older one it replaced), its (pretty reasonable) strategy is just to ignore things it doesn't expect. But I don't know what ntfs.sys does in such a scenario, I've never tried.