[BACK]Return to pwchange CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom
File:  [LON-CAPA] / loncom / pwchange
Revision 1.5: download - view: text, annotated - select for diffs
Fri Nov 16 06:10:41 2001 UTC (22 years, 5 months ago) by harris41
Branches: MAIN
CVS tags: stable_2002_spring, HEAD
minor yet big gotcha is fixed

    1: #!/usr/bin/perl
    2: 
    3: # The Learning Online Network with CAPA
    4: #
    5: # pwchange - setuid script to change unix passwords
    6: #
    7: # YEAR=2001
    8: # 10/23,11/13,11/15 Scott Harrison
    9: #
   10: # $Id: pwchange,v 1.5 2001/11/16 06:10:41 harris41 Exp $
   11: ###
   12: 
   13: use strict;
   14: 
   15: # ------------------------------------------------------------------ Untainting
   16: $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
   17: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
   18: 
   19: # ---------------------------- Make sure this process is running from user=root
   20: my $wwwid=getpwnam('www');
   21: if (0!=$<) {
   22:    exit 1;
   23: }
   24: # ----------------------------------------------- If not running setuid as root
   25: if ($>!=0) {
   26:     exit 1;
   27: }
   28: 
   29: # ----------------------------------------------- Make sure arguments are valid
   30: my $user=shift @ARGV;
   31: $user=~/^(\w+)$/;
   32: my $safe=$1;
   33: my $pword=<>;
   34: chomp $pword;
   35: unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
   36:     exit 2;
   37: }
   38: 
   39: my $pbad=0;
   40: map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$pword));
   41: exit 3 if $pbad;
   42: 
   43: # --------------------------------------------------------- Call system command
   44: open OUT,"|passwd --stdin $safe >/dev/null";
   45: print OUT $pword;
   46: print OUT "\n";
   47: close OUT;
   48: 
   49: # --------------------------------------- exit with status of command execution
   50: exit $?/256;
   51: 
   52: =head1 NAME
   53: 
   54: pwchange - setuid script to change unix passwords
   55: 
   56: =head1 DESCRIPTION
   57: 
   58: Setuid script to change unix passwords.
   59: 
   60: =head1 README
   61: 
   62: Setuid script to change unix passwords.
   63: 
   64: =head1 PREREQUISITES
   65: 
   66: =head1 COREQUISITES
   67: 
   68: =pod OSNAMES
   69: 
   70: linux
   71: 
   72: =pod SCRIPT CATEGORIES
   73: 
   74: LONCAPA/Administrative
   75: 
   76: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>