|
version 1.7, 2002/09/16 13:27:40
|
version 1.9, 2003/02/03 18:03:52
|
|
Line 5
|
Line 5
|
| # pwchange - setuid script to change unix passwords |
# pwchange - setuid script to change unix passwords |
| # |
# |
| # YEAR=2001 |
# YEAR=2001 |
| # 10/23,11/13,11/15 Scott Harrison |
|
| # |
# |
| # YEAR=2002 |
# YEAR=2002 |
| # 02/19 Matthew Hall |
# 02/19 Matthew Hall |
|
Line 16
|
Line 15
|
| use strict; |
use strict; |
| my $noprint = 1; |
my $noprint = 1; |
| |
|
| |
|
| |
|
| |
print "In pwchange\n" unless $noprint; |
| |
print "Real uid = $< effective uid = $> \n" unless $noprint; |
| # ------------------------------------------------------------------ Untainting |
# ------------------------------------------------------------------ Untainting |
| $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information. |
$ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information. |
| delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints |
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints |
| |
|
| # ---------------------------- Make sure this process is running from user=root |
# ---------------------------- Make sure this process is running from user=root |
| my $wwwid=getpwnam('www'); |
|
| if (0!=$<) { |
if (0 != $<) { |
| print "Username not www" unless $noprint; |
print "Username not root" unless $noprint; |
| exit 1; |
exit 1; |
| } |
} |
| # ----------------------------------------------- If not running setuid as root |
# ----------------------------------------------- If not running setuid as root |
![[BACK]](/icons/back.gif){kind=icon}
Return to pwchange CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom