File:  [LON-CAPA] / loncom / pwchange
Revision 1.6: download - view: text, annotated - select for diffs
Tue Feb 19 21:51:09 2002 UTC (22 years, 10 months ago) by matthew
Branches: MAIN
CVS tags: version_0_5_1, version_0_5, version_0_4, stable_2002_july, stable_2002_april, STABLE, HEAD
Fixed silly bug in checking for invalid password characters.

#!/usr/bin/perl

# The Learning Online Network with CAPA
#
# pwchange - setuid script to change unix passwords
#
# YEAR=2001
# 10/23,11/13,11/15 Scott Harrison
#
# YEAR=2002
# 02/19 Matthew Hall
#
# $Id: pwchange,v 1.6 2002/02/19 21:51:09 matthew Exp $
###

use strict;

# ------------------------------------------------------------------ Untainting
$ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints

# ---------------------------- Make sure this process is running from user=root
my $wwwid=getpwnam('www');
if (0!=$<) {
   exit 1;
}
# ----------------------------------------------- If not running setuid as root
if ($>!=0) {
    exit 1;
}

# ----------------------------------------------- Make sure arguments are valid
my $user=shift @ARGV;
$user=~/^(\w+)$/;
my $safe=$1;
my $pword=<>;
chomp $pword;
unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
    exit 2;
}

my $pbad=0;
foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} 
exit 3 if $pbad;

# --------------------------------------------------------- Call system command
open OUT,"|passwd --stdin $safe >/dev/null";
print OUT $pword;
print OUT "\n";
close OUT;

# --------------------------------------- exit with status of command execution
exit $?/256;

=head1 NAME

pwchange - setuid script to change unix passwords

=head1 DESCRIPTION

Setuid script to change unix passwords.

=head1 README

Setuid script to change unix passwords.

=head1 PREREQUISITES

=head1 COREQUISITES

=pod OSNAMES

linux

=pod SCRIPT CATEGORIES

LONCAPA/Administrative

=cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>