Hi all. > On Mon, 22 Apr 2002 22:35:53 +1000 > Ian Cumming <[EMAIL PROTECTED]> wrote: > > I've come across this problem too. I think i searched freshmeat.net, and > > found a few scripts which did the trick - however I wasn't confident > > enough to put them into place. > > > > Is www a priority? You could write a simple perl script which securely > > launched passwd, and set the script to be the user's shell. This is what > > I do on my server.
yes. www is a priority (but hmmmmmm.... users does not have shells. In this fact are any other solutions ? > > ps: if anyone *does* have a good cgi for changing passwords, please send > > it to me :) me too !!! :) > Have a look at cgipasswd on freshmeat.net > You need a suid cgi script, it's important to filter the form inputs > against a list of valid characters. It is working on suid :( Is it secure ? Probably not. Maybe if I will have LIDS for Linux it will solve it. But which rules I must set ? Regards, Marcin Bednarz. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
