Bug#264879: [Pkg-shadow-devel] Bug#264879: passwd: useradd allows invalid characters as username

Alexander Gattin Alexander Gattin <arg@online.com.ua>, 264879@bugs.debian.org
Sat, 2 Apr 2005 22:07:26 +0300 

On Thu, Mar 31, 2005 at 03:21:05AM +0200, Tomasz Kłoczko wrote:
> On Thu, 31 Mar 2005, Nicolas [iso-8859-1] François wrote:
> [..]
> >   * the implementation from RedHat, which seems reasonable to me.  (maybe
> >     we should not allow usernames starting with a '-').

Consider what most tools (from coreutils/shadow/adduser
etc.) will think about "-h" or "--verbose" username? :))

> >     useradd will still be much more permissive than adduser, but some
> >     reasonable checks will be performed.
> >     The RedHat equivalent regex is "^[a-zA-Z_][a-zA-Z0-9_-.]*\$?$"
> 
> About using "." in username: tru use "chown user.name <file>".

Good contr-example. ;-)

> Solaris useradd allow use "." in username (also "-" and "_") but before 
> change this in shadow useradd will be good IMO change chown from coreutils 
> for disallow use "." as separatotr between user and group name.

I agree with you on this matter.

> Someting more about current RH/FC useradd: they allow also use upper case 
> in user name login which will break deliver emails to proper spool (SMTP 
> do not distinguish between lower and upper case).

No. SMTP may or _may not_ distinguish those.

> [Page 14]:
> RFC 2821             Simple Mail Transfer Protocol            April 2001
> ...
>    is NOT true of a mailbox local-part.  The local-part of a mailbox
>    MUST BE treated as case sensitive.  Therefore, SMTP implementations
>    MUST take care to preserve the case of mailbox local-parts.
> ...
> [Page 37]:
>       Local-part = Dot-string / Quoted-string 
>             ; MAY be case-sensitive
The only _truly_ case-insensitive mailbox addr is
"postmaster":
> [Page 57]:
>    Any system that includes an SMTP server supporting mail relaying or
>    delivery MUST support the reserved mailbox "postmaster" as a case-
>    insensitive local name.  This postmaster address is not strictly
>    necessary if the server always returns 554 on connection opening

So, the "any-case" proposal is perfectly good from my
point of view.

-- 
WBR,
xrgtn