[X2Go-Dev] Effective username not correct in Session ID because of plus sign in user names (Windows AD / Samba4)
Stefan Baur
X2Go-ML-1 at baur-itcs.de
Tue Mar 20 11:04:03 CET 2018
Am 20.03.2018 um 10:56 schrieb Mihai Moldovan:
> There are also problems with backslashes and other characters in user names.
>
> They originate from a new sanitization feature in X2Go Server that drops
> characters not deemed suitable for a username.
>
> A plus sign might not be part of the allowed character set, which would explain
> this behavior.
>
> We've had such an discussion before and I'm still not completely sure what to do
> with it. It sounded like sanitization was a good idea at first, but seeing it
> causes problems often (well, for AD and NIS users only most of the time), maybe
> I should rework this and just accept any input.
>
>
> Not sure if that is a smart idea, though.
Maybe we could add a config variable X2GO_ALLOW_IN_USERNAME, so admins
could adapt it to their needs, yet it wouldn't be our fault if they
shoot themselves in the foot with it?
Ship with a sane default (like we do now) and add a proper description
in the comments, everything else is up to the admin.
Kind Regards,
Stefan Baur
--
BAUR-ITCS UG (haftungsbeschränkt)
Geschäftsführer: Stefan Baur
Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364
Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20180320/df1e13a2/attachment.sig>
More information about the x2go-dev
mailing list