Name Blacklist

Registered by Guilherme Salgado on 2005-10-20

Users have a 'name' attribute on their corresponding Person object. This is a short, unique ASCII name suitable for use in URLs and as a short identifier. It is also possible to login using this name. Ubuntites will also get <email address hidden> email addresses.

We want to stop users being able to change their names to known confusing or dangerous terms, such as 'root', 'administrator', 'ubuntu', 'canonical' etc. We also need to ensure that names do not conflict with any manually added email aliases in the @ubuntu.com domain or well known names required by RFCs such as 'abuse' or 'postmaster'.

This same blacklist should be used for other pillar names like project, product and distribution to avoid confusion and social engineering attacks.

Blueprint information

Status:
Complete
Approver:
Mark Shuttleworth
Priority:
High
Drafter:
Stuart Bishop
Direction:
Needs approval
Assignee:
Stuart Bishop
Definition:
Obsolete
Series goal:
None
Implementation:
Good progress
Milestone target:
None
Started by
Stuart Bishop on 2006-10-10
Completed by
Curtis Hovey on 2010-06-01

Related branches

Sprints

Whiteboard

Done and rolled out except for a web ui.

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information 
Everyone can see this information.