Denis Vlasenko | dd5702d | 2008-03-19 23:15:55 +0000 | [diff] [blame] | 1 | /* vi: set sw=4 ts=4: */ |
| 2 | /* |
Denis Vlasenko | 70c6e40 | 2009-03-31 13:14:18 +0000 | [diff] [blame] | 3 | * Check user and group names for illegal characters |
Denis Vlasenko | dd5702d | 2008-03-19 23:15:55 +0000 | [diff] [blame] | 4 | * |
| 5 | * Copyright (C) 2008 Tito Ragusa <farmatito@tiscali.it> |
| 6 | * |
| 7 | * Licensed under GPLv2 or later, see file LICENSE in this tarball for details. |
| 8 | */ |
| 9 | |
| 10 | #include "libbb.h" |
| 11 | |
| 12 | /* To avoid problems, the username should consist only of |
| 13 | * letters, digits, underscores, periods, at signs and dashes, |
| 14 | * and not start with a dash (as defined by IEEE Std 1003.1-2001). |
| 15 | * For compatibility with Samba machine accounts $ is also supported |
| 16 | * at the end of the username. |
| 17 | */ |
| 18 | |
Denis Vlasenko | defc1ea | 2008-06-27 02:52:20 +0000 | [diff] [blame] | 19 | void FAST_FUNC die_if_bad_username(const char *name) |
Denis Vlasenko | dd5702d | 2008-03-19 23:15:55 +0000 | [diff] [blame] | 20 | { |
Denys Vlasenko | cb7edc2 | 2010-02-06 21:50:59 +0100 | [diff] [blame] | 21 | /* 1st char being dash or dot isn't valid: */ |
| 22 | goto skip; |
| 23 | /* For example, name like ".." can make adduser |
| 24 | * chown "/home/.." recursively - NOT GOOD |
| 25 | */ |
| 26 | |
Denis Vlasenko | dd5702d | 2008-03-19 23:15:55 +0000 | [diff] [blame] | 27 | do { |
Denys Vlasenko | cb7edc2 | 2010-02-06 21:50:59 +0100 | [diff] [blame] | 28 | if (*name == '-' || *name == '.') |
Denis Vlasenko | 104d544 | 2008-03-19 23:25:00 +0000 | [diff] [blame] | 29 | continue; |
| 30 | skip: |
| 31 | if (isalnum(*name) |
| 32 | || *name == '_' |
Denis Vlasenko | 104d544 | 2008-03-19 23:25:00 +0000 | [diff] [blame] | 33 | || *name == '@' |
Denys Vlasenko | cb7edc2 | 2010-02-06 21:50:59 +0100 | [diff] [blame] | 34 | || (*name == '$' && !name[1]) |
Denis Vlasenko | 104d544 | 2008-03-19 23:25:00 +0000 | [diff] [blame] | 35 | ) { |
| 36 | continue; |
| 37 | } |
| 38 | bb_error_msg_and_die("illegal character '%c'", *name); |
Denis Vlasenko | dd5702d | 2008-03-19 23:15:55 +0000 | [diff] [blame] | 39 | } while (*++name); |
| 40 | } |