Diff for /loncom/pwchange between versions 1.6 and 1.10

version 1.6, 2002/02/19 21:51:09 version 1.10, 2009/07/17 02:20:59
Line 5 Line 5
 # pwchange - setuid script to change unix passwords  # pwchange - setuid script to change unix passwords
 #  #
 # YEAR=2001  # YEAR=2001
 # 10/23,11/13,11/15 Scott Harrison  
 #  #
 # YEAR=2002  # YEAR=2002
 # 02/19 Matthew Hall  # 02/19 Matthew Hall
Line 14 Line 13
 ###  ###
   
 use strict;  use strict;
   my $noprint = 1;
   
   
   
   print "In pwchange\n" unless $noprint;
   print "Real uid = $< effective uid = $> \n" unless $noprint;
 # ------------------------------------------------------------------ Untainting  # ------------------------------------------------------------------ Untainting
 $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.  $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
 delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints  delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
   
 # ---------------------------- Make sure this process is running from user=root  # ---------------------------- Make sure this process is running from user=root
 my $wwwid=getpwnam('www');  
 if (0!=$<) {  if (0 != $<) {
       print "Username not root" unless $noprint;
    exit 1;     exit 1;
 }  }
 # ----------------------------------------------- If not running setuid as root  # ----------------------------------------------- If not running setuid as root
 if ($>!=0) {  if ($>!=0) {
       print "Not setuid to root" unless $noprint;
     exit 1;      exit 1;
 }  }
   
Line 33  if ($>!=0) { Line 39  if ($>!=0) {
 my $user=shift @ARGV;  my $user=shift @ARGV;
 $user=~/^(\w+)$/;  $user=~/^(\w+)$/;
 my $safe=$1;  my $safe=$1;
   print "Save user = $safe" unless $noprint;
   
 my $pword=<>;  my $pword=<>;
 chomp $pword;  chomp $pword;
 unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {  unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
     exit 2;      exit 2;
 }  }
   print "Password = $pword" unless $noprint;
 my $pbad=0;  my $pbad=0;
 foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}}   foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} 
 exit 3 if $pbad;  exit 3 if $pbad;
   
 # --------------------------------------------------------- Call system command  # --------------------------------------------------------- Call system command
 open OUT,"|passwd --stdin $safe >/dev/null";  my $distro;
 print OUT $pword;  if (open(PIPE,"perl distprobe|")) {
 print OUT "\n";      $distro = <PIPE>;
 close OUT;      close(PIPE);
   }
   if ($distro =~ /^ubuntu|debian/) {
       open(OUT,"|/usr/sbin/usermod -p `mkpasswd $pword` $safe");
       close(OUT);
   } else {
       open(OUT,"|passwd --stdin $safe >/dev/null");
       print OUT $pword;
       print OUT "\n";
       close(OUT);
   }
   
 # --------------------------------------- exit with status of command execution  # --------------------------------------- exit with status of command execution
 exit $?/256;  exit $?/256;

Removed from v.1.6  
changed lines
  Added in v.1.10


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>