1 /* vi: set sw=4 ts=4: */
3 * Check user and group names for illegal characters
5 * Copyright (C) 2008 Tito Ragusa <farmatito@tiscali.it>
7 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
12 /* To avoid problems, the username should consist only of
13 * letters, digits, underscores, periods, at signs and dashes,
14 * and not start with a dash (as defined by IEEE Std 1003.1-2001).
15 * For compatibility with Samba machine accounts $ is also supported
16 * at the end of the username.
19 void FAST_FUNC
die_if_bad_username(const char *name
)
21 const char *start
= name
;
23 /* 1st char being dash or dot isn't valid:
24 * for example, name like ".." can make adduser
25 * chown "/home/.." recursively - NOT GOOD.
26 * Name of just a single "$" is also rejected.
33 /* These chars are valid unless they are at the 1st pos: */
36 /* $ is allowed if it's the last char: */
37 || (*name
== '$' && !name
[1])
44 /* || ch == '@' -- we disallow this too. Think about "user@host" */
45 /* open-coded isalnum: */
46 || (ch
>= '0' && ch
<= '9')
47 || ((ch
|0x20) >= 'a' && (ch
|0x20) <= 'z')
51 bb_error_msg_and_die("illegal character with code %u at position %u",
52 (unsigned)ch
, (unsigned)(name
- start
));
55 /* The minimum size of the login name is one char or two if
56 * last char is the '$'. Violations of this are caught above.
57 * The maximum size of the login name is LOGIN_NAME_MAX
58 * including the terminating null byte.
60 if (name
- start
>= LOGIN_NAME_MAX
)
61 bb_error_msg_and_die("name is too long");