From owner-freebsd-questions  Mon Apr 13 00:22:41 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA22096
          for freebsd-questions-outgoing; Mon, 13 Apr 1998 00:22:41 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from mail.netcetera.dk (root@sleipner.netcetera.dk [194.192.207.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA22049
          for <freebsd-questions@freebsd.org>; Mon, 13 Apr 1998 00:22:08 -0700 (PDT)
          (envelope-from leifn@image.dk)
Received: (from uucp@localhost)
	by mail.netcetera.dk (8.8.8/8.8.8) with UUCP id JAA18460
	for freebsd-questions@freebsd.org; Mon, 13 Apr 1998 09:19:34 +0200
Received: by swimsuit.swimsuit.roskildebc.dk (0.99.970109)
	id AA01876; 13 Apr 98 09:17:22 +0100
From: leifn@image.dk (Leif Neland)
Date: 12 Apr 98 20:58:05 +0100
Subject: Re: password change via the web?!
Message-ID: <b15_9804130917@swimsuit.swimsuit.roskildebc.dk>
Organization: Fidonet: Swimsuit Safari. Go for it. 
To: freebsd-questions@FreeBSD.ORG
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 12 Apr 98 18:45:06 Niall Smart wrote regarding Re: password change via the
web?!

 NS> Really?  I hope not :)  Another option would be to make it a
 NS> suid root shell script BUT with only the web server having
 NS> execute permission through supplementary groups.

No need to suid to root, just suid to the user you want to change password for.
To do that, you need the password for the user.


Leif Neland
leifn@internet.dk

---
|Fidonet:  Leif Neland 2:234/49
|Internet: leifn@image.dk


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message