Annotation of loncom/pwchange, revision 1.7

1.1       harris41    1: #!/usr/bin/perl
                      2: 
1.4       harris41    3: # The Learning Online Network with CAPA
1.2       harris41    4: #
                      5: # pwchange - setuid script to change unix passwords
                      6: #
                      7: # YEAR=2001
                      8: # 10/23,11/13,11/15 Scott Harrison
                      9: #
1.6       matthew    10: # YEAR=2002
                     11: # 02/19 Matthew Hall
                     12: #
1.7     ! foxr       13: # $Id: pwchange,v 1.6 2002/02/19 21:51:09 matthew Exp $
1.2       harris41   14: ###
                     15: 
1.1       harris41   16: use strict;
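# pwchange main flow: confirm root credentials, validate the account name
# given as the first argument, read the new password from standard input,
# and hand it to `passwd --stdin`.
#
# Exit status:
#   1        real or effective uid is not root
#   2        account name missing or not of the form letter + word characters
#   3        password missing, empty, or containing non-printable characters
#   127      passwd could not be started, or the password could not be
#            delivered to it
#   128+N    passwd was terminated by signal N
#   other    exit status of passwd itself
# NOTE(review): the caller is assumed to treat every non-zero status as
# failure - confirm against the code that invokes this script.

my $noprint = 1;    # 1 = silent; 0 = print diagnostic messages

# ------------------------------------------------------------------ Untainting
# NOTE(review): the #!/usr/bin/perl line does not enable taint mode (-T), so
# the checks below are the only input validation this script performs.
$ENV{'PATH'} = '/bin:/usr/bin';              # Nullify path information.
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};    # nullify potential taints

# ---------------------------- Make sure this process is running from user=root
if ($< != 0) {
    print "Real uid not root" unless $noprint;
    exit 1;
}
# ----------------------------------------------- If not running setuid as root
if ($> != 0) {
    print "Not setuid to root" unless $noprint;
    exit 1;
}

# ----------------------------------------------- Make sure arguments are valid
# The account name must be a letter followed by word characters only.  \A and
# \z anchor the whole string, so a trailing newline is rejected as well.
my $user = shift @ARGV;
my $safe;
if (defined $user and $user =~ /\A([A-Za-z]\w*)\z/) {
    $safe = $1;
}
exit 2 unless defined $safe;
print "Save user = $safe" unless $noprint;

# Read the password from standard input only.  The bare <> operator would
# read from files named by any leftover command-line arguments instead.
my $pword = <STDIN>;
exit 3 unless defined $pword;    # end of input before any password line
chomp $pword;

# Accept printable ASCII (codes 32..126) only, and never an empty password.
exit 3 if $pword eq '' or $pword =~ /[^\x20-\x7E]/;

# The password itself is never echoed, even with diagnostics switched on.
print "Password received" unless $noprint;

# --------------------------------------------------------- Call system command
# Fork with a pipe to the child's standard input and exec passwd directly, so
# no shell ever parses the command line.
my $pid = open(my $out, '|-');
exit 127 unless defined $pid;    # fork or pipe creation failed

if ($pid == 0) {
    # Child: discard passwd's standard output, then become passwd.
    open(STDOUT, '>', '/dev/null') or exit 127;
    exec('passwd', '--stdin', $safe) or exit 127;
}

# Parent: if passwd exits before reading, fail the write instead of being
# killed by SIGPIPE, so a meaningful status is still returned.
$SIG{PIPE} = 'IGNORE';
my $sent   = print {$out} $pword, "\n";
my $closed = close $out;         # flushes the pipe and waits for passwd
my $status = $?;

# --------------------------------------- exit with status of command execution
# A signal-terminated passwd has a zero exit byte; report it as a failure.
exit 128 + ($status & 127) if $status & 127;

my $code = $status >> 8;
# A zero status is only trusted if the password was actually delivered.
$code = 127 if $code == 0 and not ($sent and $closed);
exit $code;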
1.2       harris41   59: 
                     60: =head1 NAME
                     61: 
                     62: pwchange - setuid script to change unix passwords
                     63: 
                     64: =head1 DESCRIPTION
                     65: 
                     66: Setuid script to change unix passwords.
                     67: 
                     68: =head1 README
                     69: 
                     70: Setuid script to change unix passwords.
                     71: 
                     72: =head1 PREREQUISITES
                     73: 
                     74: =head1 COREQUISITES
                     75: 
                     76: =pod OSNAMES
                     77: 
                     78: linux
                     79: 
                     80: =pod SCRIPT CATEGORIES
                     81: 
                     82: LONCAPA/Administrative
                     83: 
                     84: =cut
