[Toybox] lib/passwd.c is_valid_username()

Robert Thompson robertt.thompson at gmail.com
Wed Sep 17 01:35:12 PDT 2014


The most common issue that would impact UTF-8 is programs that use strchr()
and pointer math on strings that originated in the passwd file.

There are also issues about various services that have to implement
different rules than the usual unix world about safe/valid characters. Many
of these tend to assume that usernames would only contain uppercase,
lowercase, underscore, (maybe period), numbers, and weren't coded
defensively. Not long ago, they often still assumed the username was no
more than eight bytes long.

Most of the non-legacy code running on linux isn't *too* far from being
able to handle UTF-8 usernames. I suspect there would be a surprising
amount of breakage, but with only minor patching needed to resolve most
cases.


On Tue, Sep 16, 2014 at 7:58 AM, Rob Landley <rob at landley.net> wrote:

> I looked up the actual requirements for posix username sanitizing, and
> its concerns are _filename_ portability, presumably for the /home/$USER
> directory:
>
>
> http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap03.html#tag_03_426
>
>
> http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap03.html#tag_03_276
>
> (And objecting to - as the first character, presumably so "ls $USER"
> isn't interpreted as an option. Except you need to be root to create a
> new user, so I'm a bit confused at concerns over attacking the system
> from that direction...? This is also why -- was invented, and scripts
> use "printf" instead of "echo", and so on...)
>
> These filename issues aren't actually a concern on Linux, which allows
> any character except "/" and NUL in filenames.
>
> Note that posix above doesn't allow $ as the last character, which the
> is_valid_username() stuff does, presumably because redhat allows it?
>
> Is there more information on the use cases here? A username can't have
> ":" in it because it's a colon delimited field, and it can't have "/" if
> it's being used as a filename, but other than that why aren't other
> characters allowed? Specifically, why can't we have utf8 usernames?
>
> Rob
>
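
The character rules raised in this thread, as an added example (not toybox's is_valid_username() and not code from either poster): a strict check for the POSIX portable user name (XBD 3.426 and 3.276, linked above) beside a relaxed check that admits UTF-8. The relaxed policy and both function names are assumptions made for illustration.

```c
#include <stddef.h>

/* POSIX 3.276 portable filename character set: A-Z a-z 0-9 . _ - */
static int is_portable_char(unsigned char c)
{
    return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
           (c >= '0' && c <= '9') || c == '.' || c == '_' || c == '-';
}

/* Strict: POSIX portable user name (3.426), hyphen not allowed first. */
int username_is_posix_portable(const char *s)
{
    if (!*s || *s == '-') return 0;
    for (; *s; s++)
        if (!is_portable_char((unsigned char)*s)) return 0;
    return 1;
}

/* Length of the well-formed UTF-8 sequence at p, or 0 if malformed. */
static size_t utf8_seq_len(const unsigned char *p)
{
    size_t n = 0, i;
    unsigned long cp = 0;
    if (p[0] < 0x80) return 1;
    else if ((p[0] & 0xE0) == 0xC0) { n = 2; cp = p[0] & 0x1F; }
    else if ((p[0] & 0xF0) == 0xE0) { n = 3; cp = p[0] & 0x0F; }
    else if ((p[0] & 0xF8) == 0xF0) { n = 4; cp = p[0] & 0x07; }
    else return 0;                      /* stray continuation or 0xF8+ */
    for (i = 1; i < n; i++) {
        if ((p[i] & 0xC0) != 0x80) return 0;  /* also stops at the NUL */
        cp = (cp << 6) | (p[i] & 0x3F);
    }
    /* Overlong forms would let 0xC0 0xAF pass as a disguised '/'. */
    if ((n == 2 && cp < 0x80) || (n == 3 && cp < 0x800) ||
        (n == 4 && cp < 0x10000)) return 0;
    if ((cp >= 0xD800 && cp <= 0xDFFF) || cp > 0x10FFFF) return 0;
    return n;
}

/* Relaxed (assumed policy): valid UTF-8, no ':' '/' or control bytes, no leading '-'. */
int username_is_relaxed_utf8(const char *s)
{
    const unsigned char *p = (const unsigned char *)s;
    size_t n;
    if (!*p || *p == '-') return 0;
    for (; *p; p += n) {
        if (*p < 0x20 || *p == 0x7F || *p == ':' || *p == '/') return 0;
        if (!(n = utf8_seq_len(p))) return 0;
    }
    return 1;
}
```

Neither function imposes a length limit, so callers that copy the name into a fixed buffer still need their own bound.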

