On Thu, Jul 30, 2009 at 02:42:41PM +0200, Olav Vitters wrote: > Could someone write a setuid wrapper for me? > > I'd like people to be able to reset their Mango LDAP password. For this > I'd like to have it work by allowing people to do: > ssh -l $USERID mango.gnome.org mango > > The fake mango command would call the setuid mango (not setuid root!) > script named:
Ehr.. to be clear: /usr/local/bin/mango-reset is a C program, which calls /usr/local/bin/mango-reset.py > /usr/local/bin/mango-reset (or something) > which calls: > /usr/local/bin/mango-reset.py $ORIGINAL_ID (or something, ENV variable > is also ok, at long as everything stays secure) > > > So I need a secure /usr/local/bin/mango-reset.c which checks which user > called it (so e.g. if someone logs in, I'd like to have my Python script > *securely* know which password / uid to reset. > Note: I prefer a number for the userid, e.g. 7810 or something. Think > that is more secure. > > Could someone write above for me, securely? > > Note: We already have something for signal-ftp-sync. Can't reuse it as I > want to know who called the setuid wrapper. > > -- > Regards, > Olav -- Regards, Olav _______________________________________________ gnome-infrastructure mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
