loncom/pwchange - annotate

Return to pwchange CVS log
Up to [LON-CAPA] / loncom
Annotation of loncom/pwchange, revision 1.4

1.1       harris41    1: #!/usr/bin/perl
                      2: 
1.4     ! harris41    3: # The Learning Online Network with CAPA
1.2       harris41    4: #
                      5: # pwchange - setuid script to change unix passwords
                      6: #
                      7: # YEAR=2001
                      8: # 10/23,11/13,11/15 Scott Harrison
                      9: #
1.4     ! harris41   10: # $Id: pwchange,v 1.3 2001/11/15 18:15:06 harris41 Exp $
1.2       harris41   11: ###
                     12: 
1.1       harris41   13: use strict;
1.2       harris41   14: 
                     15: # ------------------------------------------------------------------ Untainting
1.1       harris41   16: $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
1.2       harris41   17: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
1.1       harris41   18: 
1.2       harris41   19: # ----------------------------- Make sure this process is running from user=www
                     20: my $wwwid=getpwnam('www');
                     21: if ($wwwid!=$<) {
                     22:    exit 1;
                     23: }
                     24: # ----------------------------------------------- If not running setuid as root
1.1       harris41   25: if ($>!=0) {
                     26:     exit 1;
                     27: }
                     28: 
1.2       harris41   29: # ----------------------------------------------- Make sure arguments are valid
1.1       harris41   30: my $user=shift @ARGV;
                     31: $user=~/^(\w+)$/;
                     32: my $safe=$1;
                     33: my $pword=<>;
                     34: chomp $pword;
                     35: unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
                     36:     exit 2;
                     37: }
                     38: 
                     39: my $pbad=0;
                     40: map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$pword));
                     41: exit 3 if $pbad;
                     42: 
1.2       harris41   43: # --------------------------------------------------------- Call system command
1.1       harris41   44: open OUT,"|passwd --stdin $safe >/dev/null";
                     45: print OUT $pword;
                     46: print OUT "\n";
                     47: close OUT;
                     48: 
1.2       harris41   49: # --------------------------------------- exit with status of command execution
1.1       harris41   50: exit $?/256;
1.2       harris41   51: 
                     52: =head1 NAME
                     53: 
                     54: pwchange - setuid script to change unix passwords
                     55: 
                     56: =head1 DESCRIPTION
                     57: 
                     58: Setuid script to change unix passwords.
                     59: 
                     60: =head1 README
                     61: 
                     62: Setuid script to change unix passwords.
                     63: 
                     64: =head1 PREREQUISITES
                     65: 
                     66: =head1 COREQUISITES
                     67: 
                     68: =pod OSNAMES
                     69: 
                     70: linux
                     71: 
                     72: =pod SCRIPT CATEGORIES
                     73: 
                     74: LONCAPA/Administrative
                     75: 
                     76: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>