Bug#264879: [Pkg-shadow-devel] Bug#264879: passwd: useradd allows invalid characters as username

Tomasz Kłoczko Tomasz Kłoczko , 264879@bugs.debian.org
Thu, 31 Mar 2005 03:21:05 +0200 (CEST)


  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--568760595-522888846-1112232065=:4180
Content-Type: TEXT/PLAIN; charset=ISO-8859-2
Content-Transfer-Encoding: QUOTED-PRINTABLE

On Thu, 31 Mar 2005, Nicolas [iso-8859-1] Fran=E7ois wrote:
[..]
>   * the implementation from RedHat, which seems reasonable to me.  (maybe
>     we should not allow usernames starting with a '-').
>     useradd will still be much more permissive than adduser, but some
>     reasonable checks will be performed.
>     The RedHat equivalent regex is "^[a-zA-Z_][a-zA-Z0-9_-.]*\$?$"

About using "." in username: tru use "chown user.name <file>".
Solaris useradd allow use "." in username (also "-" and "_") but before=20
change this in shadow useradd will be good IMO change chown from coreutils=
=20
for disallow use "." as separatotr between user and group name.

Someting more about current RH/FC useradd: they allow also use upper case=
=20
in user name login which will break deliver emails to proper spool (SMTP=20
do not distinguish between lower and upper case). Also allow use longer=20
than 9 characters username. From /usr/include/bits/posix1_lim.h:

/* Maximum length of login name.  */
#define _POSIX_LOGIN_NAME_MAX   9

kloczek
--=20
-----------------------------------------------------------
*Ludzie nie maj=B1 problem=F3w, tylko sobie sami je stwarzaj=B1*
-----------------------------------------------------------
Tomasz K=B3oczko, sys adm @zie.pg.gda.pl|*e-mail: kloczek@rudy.mif.pg.gda.p=
l*
--568760595-522888846-1112232065=:4180--