View Single Post
  #9  
Old 31st July 2008, 21:57
bolero bolero is offline
Senior Member
 
Join Date: Apr 2008
Posts: 114
Thanks: 2
Thanked 8 Times in 8 Posts
Default

Thanks. The only difference between the two files is what I explained. I suggest not going back to the 2.2.23 version as it doesn't contain any sanity check. Use this check instead:

"/^[^:\r\n\t]{0,255}$/"

This allows almost any character except for colons, line-feeds etc. It should be safe to use that as I think any kind of character except for these should be allowed in /etc/passwd. If you want to be more strict use the check I posted first.
Reply With Quote