|
version 1.6, 2002/02/19 21:51:09
|
version 1.10, 2009/07/17 02:20:59
|
|
Line 5
|
Line 5
|
| # pwchange - setuid script to change unix passwords |
# pwchange - setuid script to change unix passwords |
| # |
# |
| # YEAR=2001 |
# YEAR=2001 |
| # 10/23,11/13,11/15 Scott Harrison |
|
| # |
# |
| # YEAR=2002 |
# YEAR=2002 |
| # 02/19 Matthew Hall |
# 02/19 Matthew Hall |
|
Line 14
|
Line 13
|
| ### |
### |
| |
|
| use strict; |
use strict; |
| |
my $noprint = 1; |
| |
|
| |
|
| |
|
| |
print "In pwchange\n" unless $noprint; |
| |
print "Real uid = $< effective uid = $> \n" unless $noprint; |
| # ------------------------------------------------------------------ Untainting |
# ------------------------------------------------------------------ Untainting |
| $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information. |
$ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information. |
| delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints |
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints |
| |
|
| # ---------------------------- Make sure this process is running from user=root |
# ---------------------------- Make sure this process is running from user=root |
| my $wwwid=getpwnam('www'); |
|
| if (0!=$<) { |
if (0 != $<) { |
| |
print "Username not root" unless $noprint; |
| exit 1; |
exit 1; |
| } |
} |
| # ----------------------------------------------- If not running setuid as root |
# ----------------------------------------------- If not running setuid as root |
| if ($>!=0) { |
if ($>!=0) { |
| |
print "Not setuid to root" unless $noprint; |
| exit 1; |
exit 1; |
| } |
} |
| |
|
|
Line 33 if ($>!=0) {
|
Line 39 if ($>!=0) {
|
| my $user=shift @ARGV; |
my $user=shift @ARGV; |
| $user=~/^(\w+)$/; |
$user=~/^(\w+)$/; |
| my $safe=$1; |
my $safe=$1; |
| |
print "Save user = $safe" unless $noprint; |
| |
|
| my $pword=<>; |
my $pword=<>; |
| chomp $pword; |
chomp $pword; |
| unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) { |
unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) { |
| exit 2; |
exit 2; |
| } |
} |
| |
print "Password = $pword" unless $noprint; |
| my $pbad=0; |
my $pbad=0; |
| foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} |
foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} |
| exit 3 if $pbad; |
exit 3 if $pbad; |
| |
|
| # --------------------------------------------------------- Call system command |
# --------------------------------------------------------- Call system command |
| open OUT,"|passwd --stdin $safe >/dev/null"; |
my $distro; |
| print OUT $pword; |
if (open(PIPE,"perl distprobe|")) { |
| print OUT "\n"; |
$distro = <PIPE>; |
| close OUT; |
close(PIPE); |
| |
} |
| |
if ($distro =~ /^ubuntu|debian/) { |
| |
open(OUT,"|/usr/sbin/usermod -p `mkpasswd $pword` $safe"); |
| |
close(OUT); |
| |
} else { |
| |
open(OUT,"|passwd --stdin $safe >/dev/null"); |
| |
print OUT $pword; |
| |
print OUT "\n"; |
| |
close(OUT); |
| |
} |
| |
|
| # --------------------------------------- exit with status of command execution |
# --------------------------------------- exit with status of command execution |
| exit $?/256; |
exit $?/256; |
![[BACK]](/icons/back.gif){kind=icon}
Return to pwchange CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom