enforce maxlength in usernames
walter harms
wharms at bfs.de
Thu Jul 28 08:22:51 UTC 2011
Am 28.07.2011 07:33, schrieb Lauri Kasanen:
>> Hi,
>> Could this be more acceptable. Could be improved by removing
>> the double strlen also the error message could be better.
>> Just to see if I overlooked something obvious.
>>
>> Ciao,
>> Tito
>>
>> void FAST_FUNC die_if_bad_username(const char *name)
>> {
>> /* Enforce length limits on usernames.
>> * LOGIN_NAME_MAX: Maximum length of a login name,
>> * including the terminating null byte.
>> * Must not be less than _POSIX_LOGIN_NAME_MAX (9).
>> */
>> if (!name
>> || strlen(name) + 1 > sysconf(_SC_LOGIN_NAME_MAX)
>> || strlen(name) + 1 < _POSIX_LOGIN_NAME_MAX
>
> That is no minimum, it's a minimum of the maximum. Consider names like
> "root", "lp".
>
> - Lauri
>
Hi all,
there is an RFC describing what a "Username" may look like, implementing it
is clearly overheat here. More interessting is RFC5321. http://tools.ietf.org/html/rfc5321#section-4.5.3.1
It recommends a maximum up to 64 "octets" (aka bytes).
I guess it would simplify life if we drop the IF THEN ELSE stuff and use 64 byte as limit.
re,
wh
More information about the busybox
mailing list