Debian opens a can of username worms


It has long been said that naming things is one of the hard things to do in computer science. That may be so, but it pales in comparison to the challenge of handling usernames properly in applications.

With the patch dropped in version 1:4.15.2-2 of the shadow source package, one of adduser's tests—which explicitly allowed a username reminiscent of a famous xkcd comic ("bob;>/hacked")—had failed. Debian developer and adduser maintainer Marc Haber replied in late October that other tests were failing as well, and thought that "useradd upstream is being too picky here". Richard Lewis asked if enabling UTF-8 would open the door to "some of the abuse described" in a 2021 LWN article about flaws in Unicode handling that led to security exploits.
