Date: 28 Apr 2001 16:49:57 -0400 From: Lowell Gilbert <lowell@world.std.com> To: freebsd-questions@freebsd.org, jesus@pasapues.com Subject: Re: passwd Message-ID: <44zod0zr4a.fsf@lowellg.ne.mediaone.net> In-Reply-To: jesus@pasapues.com's message of "28 Apr 2001 19:28:03 %2B0200" References: <EPEJLCLAKFDENCGMPJJDCEIPDFAA.jesus@pasapues.com>
next in thread | previous in thread | raw e-mail | index | archive | help
jesus@pasapues.com (Jesús Arnáiz) writes: > I'm programming a PERL Script able to add a new user to the system. > > How can I set the password of the new user with PERL code? (I thinked to use `passwd` > but I see it works interactively). Look at adduser(8) (located in /usr/sbin/), which is a Perl script for adding new users to the system, and which comes in the default FreeBSD base system. It uses pw(8) for the hard work of actually modifying the password files. It doesn't allow for specifying a password on the command line, because that potentially exposes the password to any local users. > I'm programming a PHP CGI Script able to add new users to the system. It's a little tricky to get the security on this sort of thing right, but of course "right" depends on your requirements. > I'm trying to do it making a PERL setuid script able to be run by httpd user (nobody) > which act as an interface. Note that suidperl is *not* actually installed on the system (well, technically it is, but it doesn't have the suid bit set) and that FreeBSD doesn't respect the suid bit on interpreted scripts (which includes perl as well as shell scripts). This is for security reasons. Although these protections can be disabled easily enough, I would discourage you from doing so unless you're sure you understand all of the security implications. Good luck. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44zod0zr4a.fsf>