From: Alan T. DeKok <aland@freeradius.org>
Date: Mon, 29 Aug 2011 14:03:11 +0000 (-0400)
Subject: Note policy for filtering user names
X-Git-Tag: release_3_0_0_beta0~659
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b6ad529fe745e4c1cc55c2d8b412c1291780b9ec;p=thirdparty%2Ffreeradius-server.git

Note policy for filtering user names
---

diff --git a/raddb/sites-available/default b/raddb/sites-available/default
index 7455e806c5c..20c72ac64b3 100644
--- a/raddb/sites-available/default
+++ b/raddb/sites-available/default
@@ -67,6 +67,17 @@
 #  Make *sure* that 'preprocess' comes before any realm if you 
 #  need to setup hints for the remote radius server
 authorize {
+	#
+	#  Security settings.  Take a User-Name, and do some simple
+	#  checks on it, for spaces and other invalid characters.  If
+	#  it looks like the user is trying to play games, reject it.
+	#
+	#  This should probably be enabled by default.
+	#
+	#  See policy.conf for the definition of the filter_username policy.
+	#
+#	filter_username
+
 	#
 	#  The preprocess module takes care of sanitizing some bizarre
 	#  attributes in the request, and turning them into attributes