tech-security archive


Re: NetBSD Security Advisory 2011-005: ISC dhclient hostname field shell metacharacter injection



    Date:        Wed, 27 Apr 2011 22:32:18 +0000
    From:        David Holland <dholland-security%NetBSD.org@localhost>
    Message-ID:  <20110427223218.GA3398%netbsd.org@localhost>

  | I would say that anything that isn't allowed in a DNS name

There is nothing that isn't allowed in a DNS name.   Nothing.

Or, to avoid double negatives, DNS names are a sequence of arbitrary
octets, where "arbitrary" means any value 0..255.

Various protocols put limits on the names they allow, the DNS does not.

For hostnames, there is the old hostname RFC, but that really applied
only to entries that were intended for the old HOSTS.TXT file, which
hasn't existed for ages.

There is no reason to limit (at all - with the possible exception of \0
which just makes things messy for unix) the values that appear in
hostnames (nor the set that a DHCP server can deliver, for that matter).
Scripts (or other applications) that break when the hostname is unusual
ought to be fixed, not pandered to.

kre
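A worked illustration of the point made above, added here by the editor; it is not part of kre's message and not NetBSD or ISC code. The DNS wire format delimits each label by a length octet alone, so every octet value round-trips, while the letter-digit-hyphen (LDH) host-name rule of RFC 952/1123 is a separate, stricter check that consuming protocols and scripts apply for themselves. The names, label contents and the sample message with a compression pointer are constructed for this example.

```python
"""
DNS wire-format names versus the stricter "hostname" syntax.

Constructed example: a label may hold any octet 0..255, since only the
length prefix delimits it. Separately, RFC 952/1123 restrict *host names*
to letters, digits and hyphen (LDH). The two checks are independent.
"""
import re

MAX_LABEL = 63   # a label length octet is 6 bits (0x00..0x3F)
MAX_NAME = 255   # whole name, including length octets and root label

def encode_name(labels):
    """Encode a list of label byte strings as an uncompressed wire name."""
    out = bytearray()
    for label in labels:
        if not 0 < len(label) <= MAX_LABEL:
            raise ValueError("label length must be 1..63 octets")
        out.append(len(label))
        out += label          # arbitrary octets; no character restriction
    out.append(0)             # zero-length root label terminates the name
    if len(out) > MAX_NAME:
        raise ValueError("name exceeds 255 octets")
    return bytes(out)

def decode_name(msg, offset=0):
    """Decode the wire name at msg[offset:], following compression pointers.

    Returns (labels, end), where end is the offset just after the first
    pointer or the terminating root label, i.e. where the next field of
    the enclosing record starts.
    """
    labels = []
    end = None
    hops = 0
    while True:
        if offset >= len(msg):
            raise ValueError("truncated name")
        length = msg[offset]
        if length & 0xC0 == 0xC0:            # 11xxxxxx: compression pointer
            if offset + 1 >= len(msg):
                raise ValueError("truncated pointer")
            if end is None:
                end = offset + 2
            offset = ((length & 0x3F) << 8) | msg[offset + 1]
            hops += 1
            if hops > len(msg):               # more hops than octets: a cycle
                raise ValueError("pointer loop")
            continue
        if length & 0xC0:                     # 01xxxxxx / 10xxxxxx are reserved
            raise ValueError("reserved label type")
        offset += 1
        if length == 0:
            return labels, (end if end is not None else offset)
        label = msg[offset:offset + length]
        if len(label) != length:
            raise ValueError("truncated label")
        labels.append(label)
        offset += length

# LDH label: letters, digits, hyphen; no leading or trailing hyphen.
LDH_LABEL = re.compile(rb"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def is_ldh_hostname(labels):
    """The stricter host-name syntax many protocols impose; the DNS does not."""
    return all(LDH_LABEL.fullmatch(label) is not None for label in labels)

def roundtrip(labels):
    """Encode then decode; returns the decoded labels."""
    decoded, _ = decode_name(encode_name(labels))
    return decoded

# Constructed names: one full of shell metacharacters, a NUL and high octets,
# one that any hostname check would accept.
WEIRD = [b"host;echo $(id) `id`", b"la\x00bel", bytes([0xFF, 0x7F]), b"example"]
PLAIN = [b"www", b"example", b"org"]

if __name__ == "__main__":
    for name in (WEIRD, PLAIN):
        print("round-trips:", roundtrip(name) == name,
              " LDH hostname:", is_ldh_hostname(name), " ", name)
```

Both names survive the wire format unchanged; only the LDH check tells them apart. A script that receives such a name (from a resolver, or from a DHCP server) has to decide for itself whether it wants the DNS rule or the host-name rule, and either way must pass the value on without letting a shell interpret it.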


