On Tue, 19.04.11 12:44, Thiago Macieira ([email protected]) wrote:

> On Tuesday, 19 de April de 2011 16:50:37 Lennart Poettering wrote:
> > The SetHostname() call on the dbus interface actually refuses hostnames
> > with chars outside of 0-9a-zA-Z, "." and "-". We also refuse hostnames with
> > a length > HOST_NAME_MAX. And the empty string is handled especially, i.e.
> > as "reset" to the static hostname.
> >
> > People can still set a hostname like "....----...." of course, and we'd
> > accept that. It's kinda broken if you do of course, but I see no
> > vulnerability arising from that.
>
> I suggest you apply the STD 3 rules for hostnames. To put it simply,
> hostnames are dot-separated labels that are each:

You know, the thing is that nothing says that the hostname you set with
sethostname() is actually an internet domain name, i.e. something you can
store in DNS. It better be, but that's not in POSIX, and not in any other
Unix standard either. POSIX is very terse on the syntax of hostnames:

http://pubs.opengroup.org/onlinepubs/009695399/functions/gethostname.html

It doesn't say anything about format, charset or anything else. Only thing
it says is the maximum size limit.

> - between 1 and 64 characters
> - contains letters A-Z a-z, digits 0-9 and the hyphen (dash)
> - does not start or end in a dash
>
> That would mean ... is not a valid hostname, nor -.-.

With these rules "..." would still be a valid hostname.

If it was for me I would mandate that the hostname cannot include ".",
i.e. needs to be a single DNS label. However I know that people disagree
with that, and some folks think DNS FQDN is the way to go, and they have a
bit of a point in that.

In short, I am not sure I want to go into the business of saying what
sethostname() should actually be. So all I'll do is filter out the really
obviously dangerous things: special chars that might be interpreted by
shell, non-7bit stuff and overly long names.

> In time: you may want to declare that the international hostnames that
> hostnamed deals with are ACE encoded as per RFC 3490. That means if my
> machine's hostname is:
>
> thiago.josé.macieira.example.org
>
> hostnamed should be given and will return instead:
>
> thiago.xn--jos-dma.macieira.example.org

mDNS and DNS differ on this. The former says i18n is done via UTF-8, and
the latter says via that xn-- notation. gethostname() should probably
return something that is useful on mDNS, on DNS-SD, on LDAP and maybe even
for YP/NIS alike. Hence hostnamed is strict here.

I think the "pretty hostname" is the right place to use non-7bit-ASCII
chars, and spaces and things. Having the non-pretty hostnames with stricter
rules is a good thing I believe.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
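
Added example, not part of the original message and not hostnamed's own code: a C comparison of the charset-and-length filter described in the reply with the per-label rules from the quoted suggestion, applied to the hostnames the thread mentions. The function names, the enum and LABEL_MAX (the 64 quoted in the thread) are assumptions made for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <string.h>

#ifndef HOST_NAME_MAX
#define HOST_NAME_MAX 64  /* Linux value; fallback if limits.h omits it */
#endif
/* Per-label limit as quoted in the thread (RFC 1035 caps a label at 63). */
#define LABEL_MAX 64

enum verdict { HN_REJECT = 0, HN_ACCEPT = 1, HN_RESET = 2 };

/* Letter, digit or hyphen; any byte outside 7-bit ASCII fails. */
static int is_ldh(char c) {
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '-';
}

/* Loose filter from the reply: allowed charset and total length only. */
enum verdict filter_check(const char *s) {
    size_t n = strlen(s);
    if (n == 0) return HN_RESET;            /* empty: reset to static name */
    if (n > HOST_NAME_MAX) return HN_REJECT;
    for (size_t i = 0; i < n; i++)
        if (!is_ldh(s[i]) && s[i] != '.') return HN_REJECT;
    return HN_ACCEPT;
}

/* Stricter per-label rules from the quoted suggestion. */
enum verdict label_check(const char *s) {
    size_t len = 0;                         /* length of the current label */
    if (*s == '\0') return HN_REJECT;
    for (const char *p = s; ; p++) {
        if (*p == '.' || *p == '\0') {
            if (len < 1 || len > LABEL_MAX) return HN_REJECT;
            if (p[-1] == '-') return HN_REJECT;   /* label ends in a dash */
            if (*p == '\0') return HN_ACCEPT;
            len = 0;
        } else {
            if (!is_ldh(*p)) return HN_REJECT;
            if (len == 0 && *p == '-') return HN_REJECT; /* starts with dash */
            len++;
        }
    }
}
```

Both checks reject shell metacharacters, spaces and raw UTF-8 bytes; they differ only on dot and dash placement, which is the case the thread is arguing about.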
