Skip to content

lib/chkname.c: Don't allow '$' in user/group names #1398

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
alejandro-colomar wants to merge 2 commits into
base: master
Choose a base branch
from
Open

lib/chkname.c: Don't allow '$' in user/group names #1398

alejandro-colomar wants to merge 2 commits into from
+1 −20

Conversation

@alejandro-colomar
Copy link
Collaborator

@alejandro-colomar alejandro-colomar commented Dec 4, 2025
edited
Loading

The dollar is dangerous. Require users to use --badname to allow it.

Cc: @zeha , @thesamesam , @jubalh , @Zugschlus , @stoeckmann

Revisions:

v1b
  • Expand commit message.
$ git rd 
1:  91f74f912 ! 1:  895b1b420 lib/chkname.c: Don't allow '$' in user/group names
    @@ Metadata
      ## Commit message ##
         lib/chkname.c: Don't allow '$' in user/group names
     
    -    The dollar is dangerous.  Require users to use --badname to allow it.
    +    The dollar is dangerous.  Most languages use it as a special character,
    +    such as the shell --which uses it with many different meanings,
    +    depending on the context--.
    +
    +    Require users to use --badname to allow it.
     
         Signed-off-by: Alejandro Colomar <alx@kernel.org>
v1c
  • Rebase
$ git rd 
1:  895b1b420 ! 1:  0d058ad4e lib/chkname.c: Don't allow '$' in user/group names
    @@ Commit message
     
      ## lib/chkname.c ##
     @@ lib/chkname.c: is_valid_name(const char *name)
    +    * User/group names must match BRE regex:
    +    *    [a-zA-Z0-9_.][a-zA-Z0-9_.-]*$\?
    +    *
    +-   * as a non-POSIX, extension, allow "$" as the last char for
    +-   * sake of Samba 3.x "add machine script"
    +-   *
    +    * Also do not allow fully numeric names or just "." or "..".
    +    */
      
    -   /*
    -          * User/group names must match BRE regex:
    --         *    [a-zA-Z0-9_.][a-zA-Z0-9_.-]*$\?
    --         *
    --         * as a non-POSIX, extension, allow "$" as the last char for
    --         * sake of Samba 3.x "add machine script"
    -+         *    [a-zA-Z0-9_.][a-zA-Z0-9_.-]*
    -          *
    -          * Also do not allow fully numeric names or just "." or "..".
    -          */
     @@ lib/chkname.c: is_valid_name(const char *name)
                      (*name >= '0' && *name <= '9') ||
                      *name == '_' ||
v1d
  • Rebase
$ git rd 
1:  0d058ad4e ! 1:  54148256a lib/chkname.c: Don't allow '$' in user/group names
    @@ Commit message
     
      ## lib/chkname.c ##
     @@ lib/chkname.c: is_valid_name(const char *name)
    +   /*
         * User/group names must match BRE regex:
         *    [a-zA-Z0-9_.][a-zA-Z0-9_.-]*$\?
    -    *
    +-   *
     -   * as a non-POSIX, extension, allow "$" as the last char for
     -   * sake of Samba 3.x "add machine script"
    --   *
    -    * Also do not allow fully numeric names or just "." or "..".
         */
      
    +   if (!((*name >= 'a' && *name <= 'z') ||
     @@ lib/chkname.c: is_valid_name(const char *name)
                      (*name >= '0' && *name <= '9') ||
                      *name == '_' ||
    @@ lib/chkname.c: is_valid_name(const char *name)
     +                *name == '-'
                     ))
                {
    -                   errno = EINVAL;
    +                   errno = EILSEQ;
v1e
  • Update regex in comment.
$ git rd 
1:  54148256a ! 1:  8ea2d9305 lib/chkname.c: Don't allow '$' in user/group names
    @@ Commit message
     
      ## lib/chkname.c ##
     @@ lib/chkname.c: is_valid_name(const char *name)
    + 
        /*
         * User/group names must match BRE regex:
    -    *    [a-zA-Z0-9_.][a-zA-Z0-9_.-]*$\?
    +-   *    [a-zA-Z0-9_.][a-zA-Z0-9_.-]*$\?
     -   *
     -   * as a non-POSIX, extension, allow "$" as the last char for
     -   * sake of Samba 3.x "add machine script"
    ++   *    [a-zA-Z0-9_.][a-zA-Z0-9_.-]*
         */
      
        if (!((*name >= 'a' && *name <= 'z') ||
v1f
  • Rebase
$ git rd 
1:  8ea2d9305 = 1:  af9046e15 lib/chkname.c: Don't allow '$' in user/group names
v2
  • Simplify code.
$ git rd 
1:  af9046e15 = 1:  af9046e15 lib/chkname.c: Don't allow '$' in user/group names
-:  --------- > 2:  7ec47ae50 lib/chkname.c: is_valid_name(): Remove redundant check

@zeha
Copy link
Contributor

zeha commented Dec 6, 2025

I'm in favour, but could the commit message spell out why it was deemed dangerous? Just to avoid re-ligitating this in the future.

@alejandro-colomar alejandro-colomar force-pushed the badsamba branch 2 times, most recently from 91f74f9 to 895b1b4 Compare December 6, 2025 16:52
@alejandro-colomar
Copy link
Collaborator Author

alejandro-colomar commented Dec 6, 2025

I'm in favour, but could the commit message spell out why it was deemed dangerous? Just to avoid re-ligitating this in the future.

Yup; I've expanded it. Please let me know if you'd add more to it. Thanks!

@alejandro-colomar alejandro-colomar self-assigned this Dec 11, 2025
@alejandro-colomar alejandro-colomar force-pushed the badsamba branch 2 times, most recently from 0d058ad to 5414825 Compare December 26, 2025 11:39
@alejandro-colomar
lib/chkname.c: Don't allow '$' in user/group names
af9046e 
The dollar is dangerous.  Most languages use it as a special character,
such as the shell --which uses it with many different meanings,
depending on the context--.

Require users to use --badname to allow it.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
@alejandro-colomar
lib/chkname.c: is_valid_name(): Remove redundant check
7ec47ae 
The loop below covers this already.  We already have special-cased above
the case where the string starts with '-', so we don't need to worry
about it.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hallyn hallyn Awaiting requested review from hallyn

@ikerexxe ikerexxe Awaiting requested review from ikerexxe

At least 1 approving review is required to merge this pull request.

Assignees

@alejandro-colomar alejandro-colomar

Labels

Breaking change

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alejandro-colomar @zeha