[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /bin/passwd as shell

also sprach Rob VanFleet
> On this list (I beleive) I saw someone mention the use of /bin/passwd
> as a shell for mail-only users so they can easily change their password
> without having to ask someone.  Is this a secure option, or am I
> missing some glaring problems?  If so, what are some other possible
> solutions?

that was me, and no, noone has mentioned any bad aspects yet, other than your
users having to type the old password twice. however, it's not the
solution i amlooking for, so i am implementing a highly secure way to do it over and
SSL/TLS-encrypted webform with emphasis on minimization of root privilege
i'll post to the list when i am done.

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck

     This email was sent using SquirrelMail
   "Webmail for nuts!" at webmail.madduck.net

Reply to: