On Tue, Mar 08, 2022 at 05:49:04PM +0100, Marc Haber wrote: > (2) > #774046 #520037 > Which special characters should we allow for account names? Please consider the leading character separately from the rest of the characters: - leading digits sometimes causes programs to parse a 'username' as an 'user id' instead; you can see some of this here: https://github.com/systemd/systemd/issues/6237 I know I've seen more instances of this over the years. - leading dash may cause the username to be treated as command line options in some programs. I've lost references to this happening. While you can argue these are bugs in the programs involved, they do happen in the wild. Thus, I'd like to suggest that the regex be more restrictive for the first character. Thanks
Attachment:
signature.asc
Description: PGP signature