From owner-freebsd-questions Mon Apr 13 05:09:06 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA08263 for freebsd-questions-outgoing; Mon, 13 Apr 1998 05:09:06 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from indigo.ie (nsmart@ts01-28.waterford.indigo.ie [194.125.139.91]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA08190 for ; Mon, 13 Apr 1998 12:08:59 GMT (envelope-from rotel@indigo.ie) Received: (from nsmart@localhost) by indigo.ie (8.8.8/8.8.7) id NAA01145; Mon, 13 Apr 1998 13:09:17 +0100 (IST) (envelope-from rotel@indigo.ie) From: Niall Smart Message-Id: <199804131209.NAA01145@indigo.ie> Date: Mon, 13 Apr 1998 13:09:17 +0000 In-Reply-To: leifn@image.dk (Leif Neland) "Re: password change via the web?!" (Apr 12, 8:58pm) Reply-To: rotel@indigo.ie X-Mailer: Mail User's Shell (7.2.6 beta(3) 11/17/96) To: leifn@image.dk (Leif Neland), freebsd-questions@FreeBSD.ORG Subject: Re: password change via the web?! Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Apr 12, 8:58pm, Leif Neland wrote: } Subject: Re: password change via the web?! > At 12 Apr 98 18:45:06 Niall Smart wrote regarding Re: password change via the > web?! > > NS> Really? I hope not :) Another option would be to make it a > NS> suid root shell script BUT with only the web server having > NS> execute permission through supplementary groups. > > No need to suid to root, just suid to the user you want to change password for. > To do that, you need the password for the user. Good point, even does the necessary password checking for you. -- Niall Smart. Microsoft Suck. See www.freebsd.org for details. echo "#define if(x) if(!(x))" >> /usr/include/stdio.h To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message