From bfff758ec7d818960e08df005217b2335fd41ba7 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Mon, 19 Jan 2026 10:33:05 +0000
Subject: [PATCH] fix: quote variables in entrypoint.sh to prevent password
 truncation

This change fixes a critical security issue where passwords containing spaces would be truncated when creating users. It also prevents globbing issues by quoting variable expansions.

- Quoted `"$username"` and `"$password"` in `adduser` calls.
- Added `-r` flag to `read` commands to preserve backslashes.
- Verified that passphrases with spaces are now correctly handled.
---
 copyables/entrypoint.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/copyables/entrypoint.sh b/copyables/entrypoint.sh
index 0d224a0..6aaceac 100644
--- a/copyables/entrypoint.sh
+++ b/copyables/entrypoint.sh
@@ -140,13 +140,13 @@ if [ ! -f $CONFIG ] || [ ! -s $CONFIG ]; then
   if [[ $USERS ]]; then
     while IFS=';' read -ra USER; do
       for i in "${USER[@]}"; do
-        IFS=':' read username password <<<"$i"
+        IFS=':' read -r username password <<<"$i"
         # echo "Creating user: ${username}"
-        adduser $username $password
+        adduser "$username" "$password"
       done
     done <<<"$USERS"
   else
-    adduser $USERNAME $PASSWORD
+    adduser "$USERNAME" "$PASSWORD"
   fi
 
   echo