jerry42
September 19th, 2015, 04:00 AM
Ran into an interesting problem this afternoon. We have about 50 (14.04) workstations where a person can log in to the Ubuntu GUI with either a space at the beginning or the end of their username. What ?? Exactly.
LightDM is the display manager with these DT's installed (Xubuntu, XFCE, Unity, lxde)
After authenticating (LDAP), getting the desktop and opening a terminal, the environment variable USER could be either of the following (if a space was added before or after username):
env |grep USER
(quotes added for clarity)
USER=" fred"
or
USER="fred "
If the user does add a space before or after, it breaks several of our shell scripts.
From a security point of view, I don't think it's huge, considering the username and password must be correct, but sure would like to know how to resolve. We could (and probably will) strip the whitespace from the $USER in the script(s), but still would like to understand/fix the larger issue.
LightDM is the display manager with these DT's installed (Xubuntu, XFCE, Unity, lxde)
After authenticating (LDAP), getting the desktop and opening a terminal, the environment variable USER could be either of the following (if a space was added before or after username):
env |grep USER
(quotes added for clarity)
USER=" fred"
or
USER="fred "
If the user does add a space before or after, it breaks several of our shell scripts.
From a security point of view, I don't think it's huge, considering the username and password must be correct, but sure would like to know how to resolve. We could (and probably will) strip the whitespace from the $USER in the script(s), but still would like to understand/fix the larger issue.