On 3/20/2023 9:13 AM, Alexey Tikhonov wrote:
But probably SSSD should refuse to handle this kind of names immediately, instead of cutting unallowed chars off and handling what remains?
Yes please, as the current implementation
Otherwise it leads to a kind of security issue, as shown in the original email...
effectively aliases the set of '@+<username>' to '<username>' which I can't imagine is desirable or intended behavior.
Thanks… _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
