[BACK]Return to pwchange CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom

Diff for /loncom/pwchange between versions 1.6 and 1.9

version 1.6, 2002/02/19 21:51:09 version 1.9, 2003/02/03 18:03:52
Line 5 Line 5
 # pwchange - setuid script to change unix passwords  # pwchange - setuid script to change unix passwords
 #  #
 # YEAR=2001  # YEAR=2001
 # 10/23,11/13,11/15 Scott Harrison  
 #  #
 # YEAR=2002  # YEAR=2002
 # 02/19 Matthew Hall  # 02/19 Matthew Hall
Line 14 Line 13
 ###  ###
   
 use strict;  use strict;
   my $noprint = 1;
   
   
   
   print "In pwchange\n" unless $noprint;
   print "Real uid = $< effective uid = $> \n" unless $noprint;
 # ------------------------------------------------------------------ Untainting  # ------------------------------------------------------------------ Untainting
 $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.  $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
 delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints  delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
   
 # ---------------------------- Make sure this process is running from user=root  # ---------------------------- Make sure this process is running from user=root
 my $wwwid=getpwnam('www');  
 if (0!=$<) {  if (0 != $<) {
       print "Username not root" unless $noprint;
    exit 1;     exit 1;
 }  }
 # ----------------------------------------------- If not running setuid as root  # ----------------------------------------------- If not running setuid as root
 if ($>!=0) {  if ($>!=0) {
       print "Not setuid to root" unless $noprint;
     exit 1;      exit 1;
 }  }
   
Line 33  if ($>!=0) { Line 39  if ($>!=0) {
 my $user=shift @ARGV;  my $user=shift @ARGV;
 $user=~/^(\w+)$/;  $user=~/^(\w+)$/;
 my $safe=$1;  my $safe=$1;
   print "Save user = $safe" unless $noprint;
   
 my $pword=<>;  my $pword=<>;
 chomp $pword;  chomp $pword;
 unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {  unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
     exit 2;      exit 2;
 }  }
   print "Password = $pword" unless $noprint;
 my $pbad=0;  my $pbad=0;
 foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}}   foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} 
 exit 3 if $pbad;  exit 3 if $pbad;
Removed from v.1.6  
changed lines
  Added in v.1.9

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>