Re: [TCLUG:19575] Web based password updating

To: tclug-list@mn-linux.org
Subject: Re: [TCLUG:19575] Web based password updating
From: Clay Fandre <cfandre@maddog.mn-linux.org>
Date: Wed, 12 Jul 2000 16:29:09 -0500
References: <Pine.SOL.4.20.0007121523200.3040-100000@garnet.tc.umn.edu>
Sender: cfandre@localhost.localdomain

Luke Francl wrote:
> 
> On Wed, 12 Jul 2000, Clay Fandre wrote:
> 
> > "Seth I. Bernsen" wrote:
> > >
> > > A while back I heard mention of a way to allow users to change their
> > > password via a canned web interface?  Does anybody remember the
> > > details?  Thanks.
> >
> > At Honeywell I created a simple perl CGI web form that did this.
> 
> Be careful with security though. Use SSL, and make sure your script
> doesn't let the user execute arbitrary commands on the machine!
> 
> Did your script at Honeywell switch user to the person who was doing the
> change, then run passwd, or did it edit the password file directly? I'm
> just curious.
> 
> Luke

It was basically a front-end to /usr/local/bin/passwd.
/usr/local/bin/passwd was a perl script that did a LOT more checking
that the default passwd program does. (It is based on the passwd program
in the Programming Perl 1st ed., page 286). This script allows you to
specify other users as a command-line option.

Clay

References:
- Re: [TCLUG:19575] Web based password updating
  - From: Luke Francl <fran0382@tc.umn.edu>

Prev by Date: Re: [TCLUG:19571] [OT] How many mult/second?
Next by Date: LIL on bootable cd attempt
Prev by thread: Re: [TCLUG:19575] Web based password updating
Next by thread: Is CUPS the real deal?
Index(es):
- Date
- Thread