1: #!/usr/bin/perl
2:
3: # The Learning Online Network with CAPA
4: #
5: # pwchange - setuid script to change unix passwords
6: #
7: # YEAR=2001
8: # 10/23,11/13,11/15 Scott Harrison
9: #
10: # YEAR=2002
11: # 02/19 Matthew Hall
12: #
13: # $Id: pwchange,v 1.6 2002/02/19 21:51:09 matthew Exp $
14: ###
15:
16: use strict;
17:
18: # ------------------------------------------------------------------ Untainting
19: $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
20: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
21:
22: # ---------------------------- Make sure this process is running from user=root
23: my $wwwid=getpwnam('www');
24: if (0!=$<) {
25: exit 1;
26: }
27: # ----------------------------------------------- If not running setuid as root
28: if ($>!=0) {
29: exit 1;
30: }
31:
32: # ----------------------------------------------- Make sure arguments are valid
33: my $user=shift @ARGV;
34: $user=~/^(\w+)$/;
35: my $safe=$1;
36: my $pword=<>;
37: chomp $pword;
38: unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
39: exit 2;
40: }
41:
42: my $pbad=0;
43: foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}}
44: exit 3 if $pbad;
45:
46: # --------------------------------------------------------- Call system command
47: open OUT,"|passwd --stdin $safe >/dev/null";
48: print OUT $pword;
49: print OUT "\n";
50: close OUT;
51:
52: # --------------------------------------- exit with status of command execution
53: exit $?/256;
54:
55: =head1 NAME
56:
57: pwchange - setuid script to change unix passwords
58:
59: =head1 DESCRIPTION
60:
61: Setuid script to change unix passwords.
62:
63: =head1 README
64:
65: Setuid script to change unix passwords.
66:
67: =head1 PREREQUISITES
68:
69: =head1 COREQUISITES
70:
71: =pod OSNAMES
72:
73: linux
74:
75: =pod SCRIPT CATEGORIES
76:
77: LONCAPA/Administrative
78:
79: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>