From owner-freebsd-questions  Sun Apr 12 10:57:16 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA06137
          for freebsd-questions-outgoing; Sun, 12 Apr 1998 10:57:16 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from mail.netcetera.dk (root@sleipner.netcetera.dk [194.192.207.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA06069
          for <freebsd-questions@freebsd.org>; Sun, 12 Apr 1998 10:57:11 -0700 (PDT)
          (envelope-from leifn@image.dk)
Received: (from uucp@localhost)
	by mail.netcetera.dk (8.8.8/8.8.8) with UUCP id TAA13462
	for freebsd-questions@freebsd.org; Sun, 12 Apr 1998 19:52:40 +0200
Received: by swimsuit.swimsuit.roskildebc.dk (0.99.970109)
	id AA01867; 12 Apr 98 19:51:31 +0100
From: leifn@image.dk (Leif Neland)
Date: 12 Apr 98 18:50:37 +0100
Subject: Re: password change via the web?!
Message-ID: <b0a_9804121951@swimsuit.swimsuit.roskildebc.dk>
Organization: Fidonet: Swimsuit Safari. Go for it. 
To: freebsd-questions@FreeBSD.ORG
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 11 Apr 98 21:33:32 "Three goddesses, Venus figures" wrote regarding Re:
password change via the web?!

 >> Such a script would be very hard to make secure, because to change a
 >> password, you have to run with root's permissions.

 g> Actually, you could use a perl/expect combo to do this without
 g> running as root and without hacking the passwd code.

Something like this script in pseudolanguage?

 # call script with parameters user old_password new_password
 echo $2 | su - $1
 echo $2\n$3\n$3\n|passwd $1
 exit

expect should be able to do this.


Leif Neland
leifn@internet.dk

---
|Fidonet:  Leif Neland 2:234/49
|Internet: leifn@image.dk


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message