--- loncom/Attic/lcuseradd 2001/10/23 03:42:30 1.15 +++ loncom/Attic/lcuseradd 2001/11/15 19:08:00 1.16 @@ -1,12 +1,17 @@ #!/usr/bin/perl + +# The Learning Online Network with CAPA # -# lcuseradd +# lcuseradd - LON-CAPA setuid script to coordinate all actions +# with adding a user with filesystem privileges (e.g. author) # -# Scott Harrison -# SH: October 27, 2000 -# SH: October 29, 2000 +# YEAR=2000 +# 10/27,10/29,10/30 Scott Harrison # YEAR=2001 -# Scott Harrison 10/21 +# 10/21,11/13,11/15 Scott Harrison +# +# $Id: lcuseradd,v 1.16 2001/11/15 19:08:00 harris41 Exp $ +### ############################################################################### ## ## @@ -103,7 +108,7 @@ use strict; # Security $ENV{'PATH'}='/bin/:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path # information -$ENV{'BASH_ENV'}=""; # Nullify shell environment information. +delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints # Do not print error messages. my $noprint=1; @@ -206,8 +211,8 @@ if (system('/usr/sbin/usermod','-G',$saf unlink('/tmp/lock_lcpasswd'); &disable_root_capability; -($>,$<)=(500,500); -open OUT,"|lcpasswd"; +($>,$<)=($wwwid,$wwwid); +open OUT,"|/home/httpd/perl/lcpasswd"; print OUT $safeusername; print OUT "\n"; print OUT $password1; @@ -215,7 +220,7 @@ print OUT "\n"; print OUT $password1; print OUT "\n"; close OUT; -($>,$<)=(500,0); +($>,$<)=($wwwid,0); if ($?) { exit 8; } @@ -316,3 +321,32 @@ sub try_to_lock { close LOCK; return 1; } + +=head1 NAME + +lcuseradd - LON-CAPA setuid script to coordinate all actions + with adding a user with filesystem privileges (e.g. author) + +=head1 DESCRIPTION + +lcuseradd - LON-CAPA setuid script to coordinate all actions + with adding a user with filesystem privileges (e.g. author) + +=head1 README + +lcuseradd - LON-CAPA setuid script to coordinate all actions + with adding a user with filesystem privileges (e.g. author) + +=head1 PREREQUISITES + +=head1 COREQUISITES + +=pod OSNAMES + +linux + +=pod SCRIPT CATEGORIES + +LONCAPA/Administrative + +=cut