Andy Bradford writes: > While it may not be common to have a username with a ';' in it, I don't > see why a password cannot have a ';' in it. This could be accomplished > by separating badstr into two functions: baduid and badpass. So, what of > it Sam? What are the technical reasons for lumping bad characters for > both username and password into one function? After looking at the way > the user is authenticated with authdaemon, it doesn't seem that any > shells are ever created since the information is passed through a socket > to authdaemond. Even authdaemond itself forks and reads it's information > through a pipe...
When the userdb password module is used, a password change involves running the userdb command to update the userdb password file. This is an area where I always have a healthy sense of paranoia. It's ripe for errors that can be exploited. Therefore, I tend to play things on the safe side, and simply reject passwords with any trouble-making punctuation. I'll be glad to remove that filter as soon as someone, OTHER THAN MYSELF, with suitable credentials, audits the authentication library and blesses it. Until then, I'll play it safe and cut off any questionable data from even entering that portion of the code. -- Sam
