diff options
| author | Martin Pitt <martin.pitt@ubuntu.com> | 2016-12-29 10:42:22 +0100 | 
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-12-29 10:42:22 +0100 | 
| commit | 2a4e5c629e24f2f3a62c567b57b22ed7d6c75019 (patch) | |
| tree | 9fee725f5c8321fa8c52d36e63f432a10277f1c4 /src/basic/user-util.c | |
| parent | 4d1fe20a585caadce57ef2d6a631a0d8029d2518 (diff) | |
| parent | d6c575e303520ffdcee1590a4181410024d5f917 (diff) | |
Merge pull request #4989 from poettering/nss-einval
nss user/group name validation fixes
Diffstat (limited to 'src/basic/user-util.c')
| -rw-r--r-- | src/basic/user-util.c | 12 | 
1 files changed, 11 insertions, 1 deletions
| diff --git a/src/basic/user-util.c b/src/basic/user-util.c index 938533d2e7..c619dad527 100644 --- a/src/basic/user-util.c +++ b/src/basic/user-util.c @@ -46,6 +46,8 @@  bool uid_is_valid(uid_t uid) { +        /* Also see POSIX IEEE Std 1003.1-2008, 2016 Edition, 3.436. */ +          /* Some libc APIs use UID_INVALID as special placeholder */          if (uid == (uid_t) UINT32_C(0xFFFFFFFF))                  return false; @@ -519,7 +521,15 @@ bool valid_user_group_name(const char *u) {          const char *i;          long sz; -        /* Checks if the specified name is a valid user/group name. */ +        /* Checks if the specified name is a valid user/group name. Also see POSIX IEEE Std 1003.1-2008, 2016 Edition, +         * 3.437. We are a bit stricter here however. Specifically we deviate from POSIX rules: +         * +         * - We don't allow any dots (this would break chown syntax which permits dots as user/group name separator) +         * - We require that names fit into the appropriate utmp field +         * - We don't allow empty user names +         * +         * Note that other systems are even more restrictive, and don't permit underscores or uppercase characters. +         */          if (isempty(u))                  return false; | 
