blob: 8b4deec2931e555e92b4b0c7f8bc89b2c1a1a277 [file] [log] [blame]
Denis Vlasenkodd5702d2008-03-19 23:15:55 +00001/* vi: set sw=4 ts=4: */
2/*
Denis Vlasenko70c6e402009-03-31 13:14:18 +00003 * Check user and group names for illegal characters
Denis Vlasenkodd5702d2008-03-19 23:15:55 +00004 *
5 * Copyright (C) 2008 Tito Ragusa <farmatito@tiscali.it>
6 *
7 * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
8 */
9
10#include "libbb.h"
11
12/* To avoid problems, the username should consist only of
13 * letters, digits, underscores, periods, at signs and dashes,
14 * and not start with a dash (as defined by IEEE Std 1003.1-2001).
15 * For compatibility with Samba machine accounts $ is also supported
16 * at the end of the username.
17 */
18
Denis Vlasenkodefc1ea2008-06-27 02:52:20 +000019void FAST_FUNC die_if_bad_username(const char *name)
Denis Vlasenkodd5702d2008-03-19 23:15:55 +000020{
Denys Vlasenkocb7edc22010-02-06 21:50:59 +010021 /* 1st char being dash or dot isn't valid: */
22 goto skip;
23 /* For example, name like ".." can make adduser
24 * chown "/home/.." recursively - NOT GOOD
25 */
26
Denis Vlasenkodd5702d2008-03-19 23:15:55 +000027 do {
Denys Vlasenkocb7edc22010-02-06 21:50:59 +010028 if (*name == '-' || *name == '.')
Denis Vlasenko104d5442008-03-19 23:25:00 +000029 continue;
30 skip:
31 if (isalnum(*name)
32 || *name == '_'
Denis Vlasenko104d5442008-03-19 23:25:00 +000033 || *name == '@'
Denys Vlasenkocb7edc22010-02-06 21:50:59 +010034 || (*name == '$' && !name[1])
Denis Vlasenko104d5442008-03-19 23:25:00 +000035 ) {
36 continue;
37 }
38 bb_error_msg_and_die("illegal character '%c'", *name);
Denis Vlasenkodd5702d2008-03-19 23:15:55 +000039 } while (*++name);
40}