1: #!/usr/bin/perl
2:
3: # The Learning Online Network
4: #
5: # pwchange - setuid script to change unix passwords
6: #
7: # YEAR=2001
8: # 10/23,11/13,11/15 Scott Harrison
9: #
10: # $Id: pwchange,v 1.2 2001/11/15 18:13:32 harris41 Exp $
11: ###
12:
13: use strict;
14:
15: my $VERSION = 1.1;
16:
17: # ------------------------------------------------------------------ Untainting
18: $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
19: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
20:
21: # ----------------------------- Make sure this process is running from user=www
22: my $wwwid=getpwnam('www');
23: if ($wwwid!=$<) {
24: exit 1;
25: }
26: # ----------------------------------------------- If not running setuid as root
27: if ($>!=0) {
28: exit 1;
29: }
30:
31: # ----------------------------------------------- Make sure arguments are valid
32: my $user=shift @ARGV;
33: $user=~/^(\w+)$/;
34: my $safe=$1;
35: my $pword=<>;
36: chomp $pword;
37: unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
38: exit 2;
39: }
40:
41: my $pbad=0;
42: map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$pword));
43: exit 3 if $pbad;
44:
45: # --------------------------------------------------------- Call system command
46: open OUT,"|passwd --stdin $safe >/dev/null";
47: print OUT $pword;
48: print OUT "\n";
49: close OUT;
50:
51: # --------------------------------------- exit with status of command execution
52: exit $?/256;
53:
54: =head1 NAME
55:
56: pwchange - setuid script to change unix passwords
57:
58: =head1 DESCRIPTION
59:
60: Setuid script to change unix passwords.
61:
62: =head1 README
63:
64: Setuid script to change unix passwords.
65:
66: =head1 PREREQUISITES
67:
68: =head1 COREQUISITES
69:
70: =pod OSNAMES
71:
72: linux
73:
74: =pod SCRIPT CATEGORIES
75:
76: LONCAPA/Administrative
77:
78: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>