proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-08-10 09:24:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

do not allow user names including slash

Browse Source
This commit is contained in:
Dietmar Maurer 2012-04-24 10:10:35 +02:00
parent 3036e8b1be
commit 3030a17643
3 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -2,7 +2,7 @@ RELEASE=2.0
VERSION=1.0 VERSION=1.0
PACKAGE=libpve-access-control PACKAGE=libpve-access-control
PKGREL=19 PKGREL=21
DESTDIR= DESTDIR=
PREFIX=/usr PREFIX=/usr

9
PVE/AccessControl.pm
View File

@ -732,9 +732,12 @@ sub verify_username {
return undef; return undef;
} }
# we only allow a limited set of characters (colon is not allowed, # we only allow a limited set of characters
# because we store usernames in colon separated lists)! # colon is not allowed, because we store usernames in
if ($username =~ m/^([^\s:]+)\@(${realm_regex})$/) { # colon separated lists)!
# slash is not allowed because it is used as pve API delimiter
# also see "man useradd"
if ($username =~ m!^([^\s:/]+)\@(${realm_regex})$!) {
return wantarray ? ($username, $1, $2) : $username; return wantarray ? ($username, $1, $2) : $username;
} }

12
changelog.Debian
View File

@ -1,3 +1,15 @@
libpve-access-control (1.0-21) unstable; urgency=low
* do not allow user names including slash
-- Proxmox Support Team <support@proxmox.com> Tue, 24 Apr 2012 10:07:47 +0200
libpve-access-control (1.0-20) unstable; urgency=low
* add ability to fork cli workers in background
-- Proxmox Support Team <support@proxmox.com> Wed, 18 Apr 2012 08:28:20 +0200
libpve-access-control (1.0-19) unstable; urgency=low libpve-access-control (1.0-19) unstable; urgency=low
* return set of privileges on login - can be used to adopt GUI * return set of privileges on login - can be used to adopt GUI