[
https://issues.apache.org/jira/browse/WHIMSY-49?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15202097#comment-15202097
]
Sebb commented on WHIMSY-49:
----------------------------
Note: the quickest way to fix this would be to update the code in the original
location.
I've also just realized that there are several other ids that should not be
used for logins.
These are the SVN role logins which don't use LDAP for authentication, for
example whimsysvn.
[I have done some work towards identifying them all.]
AFAICT there's currently no check to stop these being used.
Most of them have names that are unlikely to be used, but an error might cause
serious problems.
> Does INFRA-7390 have implications for allowable user ids?
> ---------------------------------------------------------
>
> Key: WHIMSY-49
> URL: https://issues.apache.org/jira/browse/WHIMSY-49
> Project: Whimsy
> Issue Type: Task
> Reporter: Sebb
> Attachments: WHIMSY-49-2.patch
>
>
> INFRA-7390 introduced e-mail aliases of the form
> [email protected]
> Now there are already some availids which contain a hyphen "-".
> Currently the list is:
> an-selm
> james-masanz
> jean-louis
> rgb-es
> soc-xzw
> swaroop-aj
> To avoid ambiguity, this means that the following ids should not be issued
> an
> james
> jean
> rgb
> soc
> swaroop
> AFAICT, these ids have not yet been allocated.
> But if any such ids were issued, there would be opportunities for mails to be
> unexpectedly misdirected.
> I don't know how potential availids are screened for suitability.
> If there is an automated check, it should be trivial to add the first part of
> existing ids to the list of exclusions.
> Note that the suffix can contain hyphens, so an availid of the form "a-b-c"
> should disallow "a-b" as well as "a", etc. for additional hyphens
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
