:: Re: [DNG] systemd allows elevated a…
Startseite
Nachricht löschen
Nachricht beantworten
Autor: Adam Borowski
Datum:  
To: dng
Betreff: Re: [DNG] systemd allows elevated access from unit files?
On Tue, Jul 04, 2017 at 09:59:36AM +0200, Giovanni Rapagnani wrote:
> On 04/07/17 09:23, Giovanni Rapagnani wrote:
> > the flag will only disable the check against NAME_REGEX defined in
> > /etc/adduser.conf. The flag will not permit to create usernames starting
> > with dash or containing invalid characters (ie not in [-0-9a-z_]) .
>
> for the sake of not spreading false information: actually there are more
> characters allowed than [-0-9a-z_]


And for the sake of repeating of true information from elsewhere:

POSIX says: characters allowed are [A-Za-z0-9._-], - can't be the first one.

Which leads to the following observations:
* uppercase names are allowed. This is deprecated by some other document (I
forgot which one) -- and note that on Unices usernames are case-sensitive,
on certain other systems are not.
* particularly, all-caps names are allowed. Most getty implementations
won't allow them and instead do "stty olcuc iuclc" (IIRC our default getty
in jessie does so, the one in stretch dropped this misfeature).
* username does not imply a $HOME. An user named "." or ".." is allowed
but obviously his/her $HOME needs to be something else.


Meow!
--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ A dumb species has no way to open a tuna can.
⢿⡄⠘⠷⠚⠋⠀ A smart species invents a can opener.
⠈⠳⣄⠀⠀⠀⠀ A master species delegates.