Re: web-based http password/group manager
On Sun, 13 Nov 2005, Hamish Moffatt wrote:
> > vi ... takes about 5 seconds bring up the files to add/delete users :-)
>
> This is true ;-) Except for encrypted passwords. Anyway, I want
> web-based so that web accounts can be administered more simply.
couple minutes to make a cgi-script that:
func add users()
htpasswd -c .htpasswd newuser
htpasswd administers its passwd automatically
and nothing to do about it .. including
changing from des to rsa to foo-encryption
find and delete users()
if [ grep user .htpasswd ]
grep -iv user < .htpasswd.old > .htpasswd
add the cosmetics as needed, or more importantly,
filter out all the whacky things like "rm -rf /" as
a username and/or passwd and watch for race conditions
or install somebody else's appp and spend min/hrs/days/weeks
trying to figure out what they intended for you to be doing
either way.. you will still need to make a webpage
that calls their cgi or your cleaned up cgi-as-above
to change your all important .htpasswd and .htaccess
and other equivalent files
c ya
alvin
Reply to: