From owner-freebsd-isp  Thu Jan 30 20:58:05 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id UAA01525
          for isp-outgoing; Thu, 30 Jan 1997 20:58:05 -0800 (PST)
Received: from ns.cs.hku.hk (ns.cs.hku.hk [147.8.178.10])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id UAA01518
          for <freebsd-isp@freebsd.org>; Thu, 30 Jan 1997 20:58:02 -0800 (PST)
Received: from champion (champion.cs.hku.hk) by ns.cs.hku.hk  with SMTP id AA13658
	(5.67b/IDA-1.5 for <freebsd-isp@freebsd.org>)
	Fri, 31 Jan 1997 12:57:23 +0800
Received: by champion (4.1/S2.0-sunos4)
	id AA19330; Fri, 31 Jan 97 12:56:36 HKT
Date: Fri, 31 Jan 1997 12:56:36 +0800 (HKT)
From: Doug Kwan ~{9XUq5B~} <ctkwan@cs.hku.hk>
To: Brandon Gillespie <brandon@cold.org>
Cc: Ernie Elu <ernie@spooky.eis.net.au>, freebsd-isp@freebsd.org
Subject: Re: Password change via Web page
In-Reply-To: <Pine.NEB.3.95.970130180648.22304A-100000@cold.org>
Message-Id: <Pine.SUN.3.91.970131125417.19166A-100000@champion>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk



On Thu, 30 Jan 1997, Brandon Gillespie wrote:

> There are many, none of which you want to do because of extreme security
> problems (basically the CGI would hav to run as root, plus you would want
> to run it under an SSL server).

Not necessarily. I wrote a CGI programme in my system which calls
yppasswdd to update the users' passwords. I do not have SSL running
yet but I can restrict the CGI to handle requests only from our dial-up
lines.

-Doug