return undef;
}
- # we only allow a limited set of characters (colon is not allowed,
- # because we store usernames in colon separated lists)!
- if ($username =~ m/^([^\s:]+)\@(${realm_regex})$/) {
+ # we only allow a limited set of characters
+ # colon is not allowed, because we store usernames in
+ # colon separated lists)!
+ # slash is not allowed because it is used as pve API delimiter
+ # also see "man useradd"
+ if ($username =~ m!^([^\s:/]+)\@(${realm_regex})$!) {
return wantarray ? ($username, $1, $2) : $username;
}
+libpve-access-control (1.0-21) unstable; urgency=low
+
+ * do not allow user names including slash
+
+ -- Proxmox Support Team <support@proxmox.com> Tue, 24 Apr 2012 10:07:47 +0200
+
+libpve-access-control (1.0-20) unstable; urgency=low
+
+ * add ability to fork cli workers in background
+
+ -- Proxmox Support Team <support@proxmox.com> Wed, 18 Apr 2012 08:28:20 +0200
+
libpve-access-control (1.0-19) unstable; urgency=low
* return set of privileges on login - can be used to adopt GUI