File:
[LON-CAPA] /
loncom /
pwchange
Revision
1.10:
download - view:
text,
annotated -
select for diffs
Fri Jul 17 02:20:59 2009 UTC (15 years, 5 months ago) by
raeburn
Branches:
MAIN
CVS tags:
version_2_9_X,
version_2_9_99_0,
version_2_9_1,
version_2_9_0,
version_2_8_99_1,
version_2_8_99_0,
version_2_12_X,
version_2_11_X,
version_2_11_5_msu,
version_2_11_5,
version_2_11_4_uiuc,
version_2_11_4_msu,
version_2_11_4,
version_2_11_3_uiuc,
version_2_11_3_msu,
version_2_11_3,
version_2_11_2_uiuc,
version_2_11_2_msu,
version_2_11_2_educog,
version_2_11_2,
version_2_11_1,
version_2_11_0_RC3,
version_2_11_0_RC2,
version_2_11_0_RC1,
version_2_11_0,
version_2_10_X,
version_2_10_1,
version_2_10_0_RC2,
version_2_10_0_RC1,
version_2_10_0,
loncapaMITrelate_1,
language_hyphenation_merge,
language_hyphenation,
bz6209-base,
bz6209,
bz2851,
PRINT_INCOMPLETE_base,
PRINT_INCOMPLETE,
HEAD,
GCI_3,
GCI_2,
BZ4492-merge,
BZ4492-feature_horizontal_radioresponse,
BZ4492-feature_Support_horizontal_radioresponse,
BZ4492-Support_horizontal_radioresponse
--stdin option not available with system passwd command in debian/ubuntu
- use system call to usermod instead.
#!/usr/bin/perl
# The Learning Online Network with CAPA
#
# pwchange - setuid script to change unix passwords
#
# YEAR=2001
#
# YEAR=2002
# 02/19 Matthew Hall
#
# $Id: pwchange,v 1.10 2009/07/17 02:20:59 raeburn Exp $
###
use strict;
my $noprint = 1;
print "In pwchange\n" unless $noprint;
print "Real uid = $< effective uid = $> \n" unless $noprint;
# ------------------------------------------------------------------ Untainting
$ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
# ---------------------------- Make sure this process is running from user=root
if (0 != $<) {
print "Username not root" unless $noprint;
exit 1;
}
# ----------------------------------------------- If not running setuid as root
if ($>!=0) {
print "Not setuid to root" unless $noprint;
exit 1;
}
# ----------------------------------------------- Make sure arguments are valid
my $user=shift @ARGV;
$user=~/^(\w+)$/;
my $safe=$1;
print "Save user = $safe" unless $noprint;
my $pword=<>;
chomp $pword;
unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
exit 2;
}
print "Password = $pword" unless $noprint;
my $pbad=0;
foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}}
exit 3 if $pbad;
# --------------------------------------------------------- Call system command
my $distro;
if (open(PIPE,"perl distprobe|")) {
$distro = <PIPE>;
close(PIPE);
}
if ($distro =~ /^ubuntu|debian/) {
open(OUT,"|/usr/sbin/usermod -p `mkpasswd $pword` $safe");
close(OUT);
} else {
open(OUT,"|passwd --stdin $safe >/dev/null");
print OUT $pword;
print OUT "\n";
close(OUT);
}
# --------------------------------------- exit with status of command execution
exit $?/256;
=head1 NAME
pwchange - setuid script to change unix passwords
=head1 DESCRIPTION
Setuid script to change unix passwords.
=head1 README
Setuid script to change unix passwords.
=head1 PREREQUISITES
=head1 COREQUISITES
=pod OSNAMES
linux
=pod SCRIPT CATEGORIES
LONCAPA/Administrative
=cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to pwchange CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom