1: #!/usr/bin/perl
2:
3: # The Learning Online Network with CAPA
4: #
5: # pwchange - setuid script to change unix passwords
6: #
7: # YEAR=2001
8: # 10/23,11/13,11/15 Scott Harrison
9: #
10: # YEAR=2002
11: # 02/19 Matthew Hall
12: #
13: # $Id: pwchange,v 1.8 2002/09/19 02:02:59 foxr Exp $
14: ###
15:
16: use strict;
17: my $noprint = 1;
18:
19:
20:
21: print "In pwchange\n" unless $noprint;
22: print "Real uid = $< effective uid = $> \n" unless $noprint;
23: # ------------------------------------------------------------------ Untainting
24: $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
25: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
26:
27: # ---------------------------- Make sure this process is running from user=root
28:
29: if (0 != $<) {
30: print "Username not root" unless $noprint;
31: exit 1;
32: }
33: # ----------------------------------------------- If not running setuid as root
34: if ($>!=0) {
35: print "Not setuid to root" unless $noprint;
36: exit 1;
37: }
38:
39: # ----------------------------------------------- Make sure arguments are valid
40: my $user=shift @ARGV;
41: $user=~/^(\w+)$/;
42: my $safe=$1;
43: print "Save user = $safe" unless $noprint;
44:
45: my $pword=<>;
46: chomp $pword;
47: unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
48: exit 2;
49: }
50: print "Password = $pword" unless $noprint;
51: my $pbad=0;
52: foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}}
53: exit 3 if $pbad;
54:
55: # --------------------------------------------------------- Call system command
56: open OUT,"|passwd --stdin $safe >/dev/null";
57: print OUT $pword;
58: print OUT "\n";
59: close OUT;
60:
61: # --------------------------------------- exit with status of command execution
62: exit $?/256;
63:
64: =head1 NAME
65:
66: pwchange - setuid script to change unix passwords
67:
68: =head1 DESCRIPTION
69:
70: Setuid script to change unix passwords.
71:
72: =head1 README
73:
74: Setuid script to change unix passwords.
75:
76: =head1 PREREQUISITES
77:
78: =head1 COREQUISITES
79:
80: =pod OSNAMES
81:
82: linux
83:
84: =pod SCRIPT CATEGORIES
85:
86: LONCAPA/Administrative
87:
88: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>