Re: passwd by WWW
> On Mon, 22 Apr 2002 22:35:53 +1000
> Ian Cumming <firstname.lastname@example.org> wrote:
> > I've come across this problem too. I think i searched freshmeat.net, and
> > found a few scripts which did the trick - however I wasn't confident
> > enough to put them into place.
> > Is www a priority? You could write a simple perl script which securely
> > launched passwd, and set the script to be the user's shell. This is what
> > I do on my server.
yes. www is a priority (but hmmmmmm....
users does not have shells.
In this fact are any other solutions ?
> > ps: if anyone *does* have a good cgi for changing passwords, please send
> > it to me :)
me too !!! :)
> Have a look at cgipasswd on freshmeat.net
> You need a suid cgi script, it's important to filter the form inputs
> against a list of valid characters.
It is working on suid :( Is it secure ? Probably not.
Maybe if I will have LIDS for Linux it will solve it. But which rules I
must set ?
To UNSUBSCRIBE, email to email@example.com
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org