Bug#264879: [Pkg-shadow-devel] Bug#264879: passwd: useradd allows invalid characters as username

[Nicolas François]

On Sun, Apr 03, 2005 at 03:25:13AM +0300, Alexander Gattin wrote:
> On Sun, Apr 03, 2005 at 12:15:39AM +0200, Nicolas François wrote:
> > I've just tried it, the Debian's useradd allows much funnier user nam=
es:
> > # useradd '`ls /`
> > # getent passwd '`ls /`'
> > `ls /`:x:1042:100::/home/`ls /`:
> 
> Very funny :). But names starting from '-' have such a
> unique property that they can't be escaped, like you
> did with `ls /` _in shell_ by surrounding it with
> single quotes. "-names", let's call them such, can be
> escaped or stripped their special meaning (as cmdline
> option), by the util/program only.
> 
> I.e., support for treating of "-names" as non-option
> arguments is at program's own discretion. Many utils
> accept GNU "--" delimiter. Some doesn't.
> 
> For example, you _can_ do `useradd -- -auser` but you
> can't `userdel -- -auser` then.

I'm sorry if this discussion came because I claimed Fedora allows usernames
that start by a '-'.  This was wrong.

I agree with your analysis, and don't require in any way that we should
allow such usernames (this would be a burden not only for shadow's
commands, but also for all commands that accept a username in argument).

> > Regarding upper cases, I remember a discussion about using "Debian-*"=
 users
> > for some packages administrative users (for exim, IIRC).  I'm not sur=
e
> > this discussion ended.  It could resurface after Sarge.
> > 
> > I could find this thread, but I think it was also discussed earlier:
> > http://lists.debian.org/debian-devel/2005/02/msg00226.html
> 
> Discussion is interesting, but I can't find anything
> about uppercase and mail accounts. :(

Regarding uppercase, here is the thread:
http://lists.debian.org/debian-devel/2004/03/msg00839.html

This concerns system accounts (Debian-foo), not mail accounts.

Kind Regards,
-- 
Nekral