Annotation of loncom/pwchange, revision 1.6

1.1       harris41    1: #!/usr/bin/perl
                      2: 
1.4       harris41    3: # The Learning Online Network with CAPA
1.2       harris41    4: #
                      5: # pwchange - setuid script to change unix passwords
                      6: #
                      7: # YEAR=2001
                      8: # 10/23,11/13,11/15 Scott Harrison
                      9: #
1.6     ! matthew    10: # YEAR=2002
        !            11: # 02/19 Matthew Hall
        !            12: #
        !            13: # $Id: pwchange,v 1.5 2001/11/16 06:10:41 harris41 Exp $
1.2       harris41   14: ###
                     15: 
1.1       harris41   16: use strict;
1.2       harris41   17: 
                     18: # ------------------------------------------------------------------ Untainting
1.1       harris41   19: $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
1.2       harris41   20: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
1.1       harris41   21: 
1.5       harris41   22: # ---------------------------- Make sure this process is running from user=root
1.2       harris41   23: my $wwwid=getpwnam('www');
1.5       harris41   24: if (0!=$<) {
1.2       harris41   25:    exit 1;
                     26: }
                     27: # ----------------------------------------------- If not running setuid as root
1.1       harris41   28: if ($>!=0) {
                     29:     exit 1;
                     30: }
                     31: 
1.2       harris41   32: # ----------------------------------------------- Make sure arguments are valid
1.1       harris41   33: my $user=shift @ARGV;
                     34: $user=~/^(\w+)$/;
                     35: my $safe=$1;
                     36: my $pword=<>;
                     37: chomp $pword;
                     38: unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
                     39:     exit 2;
                     40: }
                     41: 
                     42: my $pbad=0;
1.6     ! matthew    43: foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} 
1.1       harris41   44: exit 3 if $pbad;
                     45: 
1.2       harris41   46: # --------------------------------------------------------- Call system command
1.1       harris41   47: open OUT,"|passwd --stdin $safe >/dev/null";
                     48: print OUT $pword;
                     49: print OUT "\n";
                     50: close OUT;
                     51: 
1.2       harris41   52: # --------------------------------------- exit with status of command execution
1.1       harris41   53: exit $?/256;
1.2       harris41   54: 
                     55: =head1 NAME
                     56: 
                     57: pwchange - setuid script to change unix passwords
                     58: 
                     59: =head1 DESCRIPTION
                     60: 
                     61: Setuid script to change unix passwords.
                     62: 
                     63: =head1 README
                     64: 
                     65: Setuid script to change unix passwords.
                     66: 
                     67: =head1 PREREQUISITES
                     68: 
                     69: =head1 COREQUISITES
                     70: 
                     71: =pod OSNAMES
                     72: 
                     73: linux
                     74: 
                     75: =pod SCRIPT CATEGORIES
                     76: 
                     77: LONCAPA/Administrative
                     78: 
                     79: =cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>