On 30/03/2025 at 09:23, Marc Haber wrote:
On Wed, Mar 26, 2025 at 08:54:09PM +0100, Pascal Hambourg wrote:
Possible options may include:
- align adduser's comment sanitation regex on useradd
Yes. That would be the way to go. I am open for suggestions. We should
probably allow the complete UTF-8 range (short of control characters) here.
From a quick test it appears that useradd/chfn rejects ':' and \n,
fails with other control characters like \t \r \v \e \b \f \a matched by
class [:cntrl:] and accepts all printable characters that I can type on
my french keyboard, with a notification for non-ASCII ones.
I guess user-setup would need to do the same check too. However I have
no idea how to reliably match UTF-8 characters in a regex. The [:print:]
class seems to work only with a UTF-8 locale, but user-setup sets LANG=C.
