Re: Login anomaly or security issue? (fwd)

Steven P. Crain (scrain@shore.net)
Fri, 25 Jul 1997 19:14:29 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: clemdog@marshallnet.com: "56k Required encoding"
Previous message: Keith: "Re: WinNT"
In reply to: Paul Gregg: "Re: Radius 2.01 patches"

On Fri, 25 Jul 1997, MegaZone wrote:

> Once upon a time Jason Robbins shaped the electrons to say...
> >username, a space and his lastname, 'joe last'. He authenticated
> >just fine, and a show session listed him as 'joe last', as did the detail
>
> This is a well known issue. Up to 2.0.1 RADIUS truncated on spaces -
> so it actually validated 'joe'. But the PM holds only the entire field
> in the show, and also sends that to accounting.
>
> In 2.0.1 usernames with spaces are denied.

And, there is a compile time switch if you want the old behaviour
instead.

----------------------------------------------------------------------------
Steven P. Crain scrain@shore.net http://www.shore.net/~scrain
Shore.Net Unix Development and Administration
An ISP with Excellence in the Greater Boston Area.

Next message: clemdog@marshallnet.com: "56k Required encoding"
Previous message: Keith: "Re: WinNT"
In reply to: Paul Gregg: "Re: Radius 2.01 patches"