Date: Tue, 28 Jan 2003 11:30:53 -0300 (ART) From: Fernando Schapachnik <fernando@mecon.gov.ar> To: FreeBSD-gnats-submit@FreeBSD.org Subject: docs/47594: [PATH] passwd(5) incorrectly states allowed username and group syntax Message-ID: <200301281430.h0SEUrUF001129@bal740r0.mecon.gov.ar>
next in thread | raw e-mail | index | archive | help
>Number: 47594 >Category: docs >Synopsis: [PATH] passwd(5) incorrectly states allowed username and group syntax >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Tue Jan 28 06:40:08 PST 2003 >Closed-Date: >Last-Modified: >Originator: Fernando Schapachnik >Release: FreeBSD 4.7-RELEASE-p3 i386 >Organization: >Environment: System: FreeBSD bal740r0.mecon.gov.ar 4.7-RELEASE-p3 FreeBSD 4.7-RELEASE-p3 #2: Mon Jan 6 15:33:54 ART 2003 root@bal740r0.mecon.gov.ar:/usr/obj/usr/src/sys/BAL740R0 i386 Also -CURRENT. >Description: passwd(5) incorrectly states the allowed syntax. >How-To-Repeat: >Fix: The attached patch (in two flavours, for 4.7-R, and -CURRENT) explicitly lists disallowed chars in the username and group fields. I suggest that a reminder is put in pw/pw_user.c, so that the code in pw_checkname is kept in sync with the man page. Please somebody check the spelling and grammar, as I'm not a native speaker. The patch also accounts for the changes made in 1.53 in response to bin/28773 and bin/46890. Patch for 4.7-R: --- passwd.5.ori Tue Jan 28 10:30:25 2003 +++ passwd.5 Tue Jan 28 11:10:35 2003 @@ -90,8 +90,21 @@ entries, and that one by random selection. .Pp The login name must never begin with a hyphen -.Pq Ql \&- ; -also, it is strongly +.Pq Ql \&- +and should not contain 8-bit characters, neither tab nor spaces, colons +.Pq Ql \&: , +quotes +.Pq Ql \&" , +mathematical and comparison operators +.Pq Ql \&+*-%^<>=# , +parenthesis +.Pq Ql \&() , +and various punctuation and other symbols +.Pq Ql \&,&$!@~?|\/ . +As a special case to help Samba users, the dollar symbol +.Pq Ql \&$ +is allowed as the last character. +Also, it is strongly suggested that neither upper-case characters nor dots .Pq Ql \&. be part @@ -116,6 +129,7 @@ this field indicates the user's primary group. Secondary group memberships are selected in .Pa /etc/group . +Rules for valid group syntax are the same as for usernames. .Pp The .Ar class Patch for -CURRENT: --- /tmp/passwd.5 Tue Jan 28 11:19:35 2003 +++ passwd.5 Tue Jan 28 11:27:14 2003 @@ -114,7 +114,12 @@ that manipulate these files will often return only one of the multiple entries, and that one by random selection. .Pp -The login name must never begin with a hyphen (``-''); also, it is strongly +The login name must never begin with a hyphen (``-'') +and should not contain 8-bit characters, neither tab nor spaces, +quotes (``"''), mathematical and comparison operators (``+*-%^<>=#''), +parenthesis (``()'') and various punctuation and other symbols +(``,&$!@~?|\/''). As a special case to help Samba users, the dollar +symbol (``$'') is allowed as the last character. Also, it is strongly suggested that neither upper-case characters or dots (``.'') be part of the name, as this tends to confuse mailers. No field may contain a colon (``:'') as this has been used historically to separate the fields @@ -133,7 +138,8 @@ The group field is the group that the user will be placed in upon login. Since this system supports multiple groups (see .Xr groups 1 ) -this field currently has little special meaning. +this field currently has little special meaning. Rules for valid group +syntax are the same as for usernames. .Pp The .Ar class >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200301281430.h0SEUrUF001129>