[Toybox] lib/passwd.c is_valid_username()

Rob Landley rob at landley.net
Tue Sep 16 05:58:38 PDT 2014


I looked up the actual requirements for posix username sanitizing, and
its concerns are _filename_ portability, presumably for the /home/$USER
directory:

http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap03.html#tag_03_426

http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap03.html#tag_03_276

(And objecting to - as the first character, presumably so "ls $USER"
isn't interpreted as an option. Except you need to be root to create a
new user, so I'm a bit confused at concerns over attacking the system
from that direction...? This is also why -- was invented, and scripts
use "printf" instead of "echo", and so on...)

These filename issues aren't actually a concern on Linux, which allows
any character except "/" and NUL in filenames.

Note that posix above doesn't allow $ as the last character, which the
is_valid_username() stuff does, presumably because redhat allows it?

Is there more information on the use cases here? A username can't have
":" in it because it's a colon delimited field, and it can't have "/" if
it's being used as a filename, but other than that why aren't other
characters allowed? Specifically, why can't we have utf8 usernames?

Rob
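
The two rule sets contrasted in the message above, as an added example (not part of the original post and not toybox's is_valid_username()): the POSIX portable user name rule from the two linked definitions, beside the structural minimum the post names (no ":" and no "/"). The function names and sample names are hypothetical, and rejecting newline and the empty string in both checks is an assumption.

```c
#include <stdio.h>
#include <string.h>

/* POSIX 3.426 portable user name: characters only from the portable
 * filename character set (3.276: A-Z a-z 0-9 . _ -), and no hyphen as
 * the first character. Empty names are rejected (assumption). */
int posix_portable_username(const char *s)
{
  const char *p;

  if (!*s || *s == '-') return 0;
  for (p = s; *p; p++) {
    if ((*p >= 'A' && *p <= 'Z') || (*p >= 'a' && *p <= 'z')) continue;
    if ((*p >= '0' && *p <= '9') || *p == '.' || *p == '_' || *p == '-')
      continue;
    return 0; /* includes '$' and every byte of a UTF-8 sequence */
  }
  return 1;
}

/* Structural minimum from the post: ':' would split the colon-delimited
 * passwd field and '/' cannot appear in a filename. NUL cannot occur in
 * a C string. Newline is also rejected here (assumption: it would end
 * the passwd record). */
int minimal_username(const char *s)
{
  return *s && !strpbrk(s, ":/\n");
}

int main(void)
{
  /* Constructed sample names; the sixth is "r", U+00F6 as UTF-8, "b". */
  const char *names[] = {"rob", "-rf", "machine$", "a:b", "home/x",
                         "r\xc3\xb6" "b"};
  size_t i;

  printf("%-12s %-6s %s\n", "name", "posix", "minimal");
  for (i = 0; i < sizeof(names) / sizeof(*names); i++)
    printf("%-12s %-6d %d\n", names[i],
           posix_portable_username(names[i]), minimal_username(names[i]));
  return 0;
}
```

The names the two checks disagree on (leading "-", trailing "$", UTF-8) are the cases the message asks about.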
