user name in /etc/passwd GCOS field

Bill.Stewart.<ho95c> wcs at skep2.ATT.COM
Mon Apr 25 13:52:51 AEST 1988 

In article <1361 at lznv.ATT.COM> psc at lznv.ATT.COM (Paul S. R. Chisholm) writes:
:My group is looking for a standard way that mail(1) can get a user's
:name from a password file entry.  The proposed solution is to take
:everything up to (but not including) the first left or right
:parenthesis (or, of course, up the the terminating colon).  Some
:members of another group in the area have suggested ending before the
:first parenthesis, but stripping off everything before (and including)
:a hyphen.  Either way, a system-wide parameter would control whether
:mail would use this legible name.

Horror stories about why this is dangerous:
	The Div 452 passwd command checks whether your new password
	resembles your login name, and also checks whether it resembles your
	RJE job account number, by looking for the first (, then searching
	for the next ).  When I used it on my lab machine, which didn't have
	RJE fields, it dumped core.  Of course it was doing this at login
	time when your passwrd expired, so you couldn't get on.  Why did it
	dump core?  Because the authors *knew* there would be parentheses
	there, not more than 6 characters apart.  Since the ( wasn't there,
	it walked off through memory looking for one, and started copying
	characters into a field until it found a ) somewhere, or until it
	memory-faulted the read or trashed something on the write.

	AT&T people named "Firstname M Lastname-Hyphenated" used to get
	their names truncated to "Hyphenated" in netnews signatures.

	Berkeley UNIX provides a "change full name" utility to allow you to
	edit your gcos field.  Even if you can  beat the obvious security
	risks, users will still generate troublesome names.

	Locally-written "finger" and accounting programs will use formats
	designed to confuse you.

	Maybe my name really *is*
		temp-clerk-3 (see Mike for details)
	
:Since these (optional) changes are intended for the UNIX System V
:Release 4 implementation of /bin/mail, I'd greatly appreciate your
:comments.
	Be extremely careful, or take the conservative approach (whole field).
	Be excessively careful about bounds-checking.
	You will always get junk some places.  Tolerate it.
	Do replace occurences of common mailer punctuation such as
		()<> and maybe @!. with safer characters.  Don't just
		use spaces, since they may break things.

Our password files gecos-fields used to have random items in random
order, depending on who installed the user and why.  When we decided to
consolidate several systems, we wrote an add-user script to add new
users, and I wrote a pattern-matching script to try to clean up
existing entries.  (It was about 90% accurate, which is enough to let
you finish by hand.)  The result has evolved into the silliness in my
address line above, with department number, phone, room, several kinds
of accounting, home machine, no-spaces-so-antique-accounting-doesn't-break,
and incidentally my name.  If your software can extract the real
information out of *that* by more than pure chance, I'll be impressed.
Or I'll need to update the accounting package again.
-- 
#				Thanks;
# Bill Stewart, AT&T Bell Labs 2G218, Holmdel NJ 1-201-949-0705 ihnp4!ho95c!wcs
# skep2 is a local machine I'm trying to turn into a server.  Please send
# mail to ho95c or ho95e instead.  Thanks.

More information about the Comp.unix.questions mailing list