Date: Sat, 19 Jul 1997 17:33:18 -0600 (MDT) From: Justin Ashworth <ashworth@esus.cs.montana.edu> To: Troy Settle <rewt@i-Plus.net> Cc: Doug White <dwhite@resnet.uoregon.edu>, questions@FreeBSD.ORG Subject: Re: Change another user's password? Message-ID: <Pine.OSF.3.95.970719172725.3362A-100000@esus.cs.montana.edu> In-Reply-To: <199707192320.TAA22627@radford.i-plus.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 19 Jul 1997, Troy Settle wrote: > From: Justin Ashworth <ashworth@cs.montana.edu> > >Yes, but read my original message...the users don't have shell access. > >That's the whole tough thing about this. I guess it's just not doable. > > Have you thought about setting users' shells to /usr/bin/passwd? I've seen > it working on many other systems, and haven't noted any particular security > risks. That's been suggested and I actually considered it before. The problem is that we have about three machines with different passwd files (no NIS+ or rdist to speak of). If a user changes their password on the POP mail server, they will assume that it changed their password on the web server. The next time they go to upload their web page, they're going to call our support line and ask why their password doesn't work. Not worth the hassle. All I really need is a way for one user to change another user's password - if that's possible. Remember, su'ing to root is out of the question because I will need to be prompted for the old password so that not just anybody can change another user's password. Also note that the users can't change their passwords themselves because they don't have shell access. Any suggestions? - Justin Ashworth -- ashworth@cs.montana.edu - http://www.cs.montana.edu/~ashworth
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.OSF.3.95.970719172725.3362A-100000>