Date: Thu, 22 Apr 1999 21:57:53 -0700 (PDT) From: Nicole Harrington <nicole@nmhtech.com> To: Cliff Reardon <cj@tas.webnet.com.au>, freebsd-isp@freebsd.org Subject: Re: Web Based Script for passwd- found it Message-ID: <XFMail.990422215753.nicole@nmhtech.com> In-Reply-To: <001701be8d3a$c49b8a60$41500acb@tas.webnet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Ok I found the sources for the scripts. You want poppasswd (In mail) for the daemon and WWWpass (in WWW) for the script to interface to it. http://www.westnet.com/providers/ If you get either of these working or make improvements, please share these back to the list. Thanks Nicole On 23-Apr-99 My Secret Spies Reported That Cliff Reardon wrote: > Hi Nicole, > > If you could get me a copy of the script, I would be grateful.. > > Cheers & Beers > > Cliff > > ----- Original Message ----- > From: Nicole Harrington <nicole@nmhtech.com> > To: Mark Conway Wirt <mark@intrepid.net> > Cc: <freebsd-isp@FreeBSD.ORG>; Anthony Capone <capone@cap1.net>; W.Reilly > Cooley <wcooley@nakedape.navi.net> > Sent: Friday, 23 April 1999 13:16 > Subject: Re: Web Based Script for passwd > > >> >> On 31-Mar-99 My Secret Spies Reported That Mark Conway Wirt wrote: >> > On Mon, Mar 29, 1999 at 10:12:41PM -0800, W. Reilly Cooley wrote: >> >> I've considered a web-based interface for users to modify their >> >> configurations (mail forwarding, etc), but giving users access using > their >> >> UNIX passwords through a web interface is a /big/ security hole. See >> >> http://www.apache.org/docs/misc/FAQ.html#passwdauth for an explanation. >> >> This might be reasonable, if, for example, you only permit access from >> >> within your net block. But even then it's sketchy... >> > >> > >> >> Sorry for the late reply, I'm a little behind on my mail.. >> >> Eudora has a cool feature that allows someone to change their passwd via >> the email program. You run a daemon on your server that answers on a > specific >> port and acts as an interface to the password program. I found a perl > script >> that you can setup to replace the eudora mailer and allow passwd changes > safely >> via a web page by having the webpage/CGI script talk to the server on the > port. >> Of course via a SSL web page is the only really safe way, but there are > now no >> chroot problems. >> >> If anyone is interested I will try to dig out the program. I have been > trying >> to find the time to set it up for some time now. >> >> >> Nicole >> >> >> >> > Does it have to be Web based? We have a mail based one -- the user >> > sends a message to support with the subject of HOURS, and procmail >> > kicks of a perl script that mails them the information back. Seems to >> > work well, and the nice thing about it is a user can only check their >> > hours, and it needs no authentication. It checks the hours of the >> > account that sent the mail, and sends the results back to that >> > address, so even if someone forges the "from" header, they wont see >> > the result.... >> > >> > --Mark >> > >> > >> > To Unsubscribe: send mail to majordomo@FreeBSD.org >> > with "unsubscribe freebsd-isp" in the body of the message >> >> |\ __ /| (`\ >> | o_o |__ ) ) >> // \\ >> nicole@nmhtech.com | http://www.webweaver.net/ >> webmistress@dangermouse.org | http://www.dangermouse.org >> -------------------------(((---(((----------------------- >> >> - Powered by Coka Cola and FreeBSD - >> - Stong enough for a man - But made for a Woman - >> >> - I'm not ADD - I'm just Multithreaded - >> - Microsoft: What bug would you like today? - >> ---------------------------------------------------------- >> SYSADMIN(1) >> Sysadmin is the keeper of all things computer, is generally harangued, > must be >> supplied with caffeine, chocolate, and sushi in order to function >> properly, >> cannot be exposed to direct sunlight, and must not be allowed to have a > life. >> >> >> >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-isp" in the body of the message >> |\ __ /| (`\ | o_o |__ ) ) // \\ nicole@nmhtech.com | http://www.webweaver.net/ webmistress@dangermouse.org | http://www.dangermouse.org -------------------------(((---(((----------------------- - Powered by Coka Cola and FreeBSD - - Stong enough for a man - But made for a Woman - - I'm not ADD - I'm just Multithreaded - - Microsoft: What bug would you like today? - ---------------------------------------------------------- SYSADMIN(1) Sysadmin is the keeper of all things computer, is generally harangued, must be supplied with caffeine, chocolate, and sushi in order to function properly, cannot be exposed to direct sunlight, and must not be allowed to have a life. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.990422215753.nicole>