Bug#264879: [Pkg-shadow-devel] Bug#264879: passwd: useradd allows invalid characters as username
Alexander Gattin
Alexander Gattin <arg@online.com.ua>, 264879@bugs.debian.org
Sat, 2 Apr 2005 22:07:26 +0300
On Thu, Mar 31, 2005 at 03:21:05AM +0200, Tomasz Kłoczko wrote:
> On Thu, 31 Mar 2005, Nicolas [iso-8859-1] François wrote:
> [..]
> > * the implementation from RedHat, which seems reasonable to me. (maybe
> > we should not allow usernames starting with a '-').
Consider what most tools (from coreutils/shadow/adduser
etc.) will think about "-h" or "--verbose" username? :))
> > useradd will still be much more permissive than adduser, but some
> > reasonable checks will be performed.
> > The RedHat equivalent regex is "^[a-zA-Z_][a-zA-Z0-9_-.]*\$?$"
>
> About using "." in username: tru use "chown user.name <file>".
Good contr-example. ;-)
> Solaris useradd allow use "." in username (also "-" and "_") but before
> change this in shadow useradd will be good IMO change chown from coreutils
> for disallow use "." as separatotr between user and group name.
I agree with you on this matter.
> Someting more about current RH/FC useradd: they allow also use upper case
> in user name login which will break deliver emails to proper spool (SMTP
> do not distinguish between lower and upper case).
No. SMTP may or _may not_ distinguish those.
> [Page 14]:
> RFC 2821 Simple Mail Transfer Protocol April 2001
> ...
> is NOT true of a mailbox local-part. The local-part of a mailbox
> MUST BE treated as case sensitive. Therefore, SMTP implementations
> MUST take care to preserve the case of mailbox local-parts.
> ...
> [Page 37]:
> Local-part = Dot-string / Quoted-string
> ; MAY be case-sensitive
The only _truly_ case-insensitive mailbox addr is
"postmaster":
> [Page 57]:
> Any system that includes an SMTP server supporting mail relaying or
> delivery MUST support the reserved mailbox "postmaster" as a case-
> insensitive local name. This postmaster address is not strictly
> necessary if the server always returns 554 on connection opening
So, the "any-case" proposal is perfectly good from my
point of view.
--
WBR,
xrgtn