[RFC] hostnamed

Thiago Macieira thiago at kde.org
Tue Apr 19 08:44:51 PDT 2011


On Tuesday, 19 de April de 2011 16:50:37 Lennart Poettering wrote:
> The SetHostname() call on the dbus interface actually refuses hostnames
> with chars outside of 0-9a-zA-Z, "." and "-". We also refuse hostnames with
> a length > HOST_NAME_MAX. And the empty string is handled especially, i.e.
> as "reset" to the static hostname.
> 
> People can still set a hostname like "....----...." of course, and we'd
> accept that. It's kinda broken if you do of course, but I see no
> vulnerability arising from that.

I suggest you apply the STD 3 rules for hostnames. To put it simply, hostnames 
are dot-separated labels that are each:

 - between 1 and 64 characters
 - contains letters A-Z a-z, digits 0-9 and the hyphen (dash)
 - does not start or end in a dash

That would mean ... is not a valid hostname, nor -.-.

In time: you may want to declare that the international hostnames that 
hostnamed deals with are ACE encoded as per RFC 3490. That means if my 
machine's hostname is:

	thiago.josé.macieira.example.org

hostnamed should be given and will return instead:

	thiago.xn--jos-dma.macieira.example.org

-- 
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
  Senior Product Manager - Nokia, Qt Development Frameworks
      PGP/GPG: 0x6EF45358; fingerprint:
      E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freedesktop.org/archives/xdg/attachments/20110419/4916557f/attachment.pgp>


More information about the xdg mailing list