Dear sirs,

I installed x2goserver on a debian wheezy machine dedicated to teaching activities.

The usernames retrieved from our university LDAP server (on which I have no authority) are allowed to be fully numerical, and most students have fully numerical uids.

In order to have a working x2goserver, I changed the regex expression in the sub sanitizer, "x2gosid" section, of

/usr/lib/x2go/x2goutils.pm (line 46) /usr/lib/x2go/x2gosqlitewrapper.pl (line 67)

from

if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,47}[\$]?)\-[...etc...]

to

if ($string =~ /^([a-zA-Z\_0-9][a-zA-Z0-9\_\-\.\@]{0,47}[\$]?)\-[...etc...]

Being a mechanical engineer with limited developing experience and no perl knowledge, I can't state if such a change has undesired side effects.

Could you check if such change would be acceptable?

The only justification of our LDAP managers is probably that the POSIX standard allows usernames beginning with numbers (see e.g. discussion http://serverfault.com/questions/73084/what-characters-should-i-use-or-not-u... )

Thanking for the kind attention

-- Enrico Bertocchi