From owner-freebsd-questions@FreeBSD.ORG  Tue Dec 14 18:51:33 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DFDD316A4CE
	for <freebsd-questions@freebsd.org>;
	Tue, 14 Dec 2004 18:51:33 +0000 (GMT)
Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.196])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CC5B843D45
	for <freebsd-questions@freebsd.org>;
	Tue, 14 Dec 2004 18:51:32 +0000 (GMT)
	(envelope-from bsdfreak@gmail.com)
Received: by rproxy.gmail.com with SMTP id 40so514203rnz
	for <freebsd-questions@freebsd.org>;
	Tue, 14 Dec 2004 10:51:21 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=beta; d=gmail.com;
	h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding;
	b=GEjldYPqFrcrvPUU7yOKTnc1ENFthQK0FFKgSEWymVSqIN7D15HSrUcU7DR8+mEWtSjTGlSIazz+l0bVBNPf+484JF5LNuzVopR8n8L8xurEUJBwPV2fNQmMCvtzxMYNZ1TpZBJMUga3DVscvz8qh9f4jhnwc49UaadjkDThmRE=
Received: by 10.38.8.44 with SMTP id 44mr9723rnh;
        Tue, 14 Dec 2004 10:44:41 -0800 (PST)
Received: by 10.38.179.34 with HTTP; Tue, 14 Dec 2004 10:44:41 -0800 (PST)
Message-ID: <f420b2a104121410446ff0c72f@mail.gmail.com>
Date: Tue, 14 Dec 2004 13:44:41 -0500
From: Alexander Chamandy <bsdfreak@gmail.com>
To: freebsd-questions@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: web-based password checking tool?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Alexander Chamandy <bsdfreak@gmail.com>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Dec 2004 18:51:34 -0000

The solution I've seen people use in the past is Webmin
(http://www.webmin.com/), but I haven't heard great things about its
security.  I would use it cautiously if you are looking for that
functionality.  The problem I'd note is that in order to attain
convenience in the traditional sense, one must generally sacrifice
layers of security.  In this case, allowing a web interface to change
users' authentication credentials provides risks (compromise,
information leakage, etc.) and rewards (enhanced usability for novice
users, added convenience).
- Hide quoted text -


On Tue, 14 Dec 2004 15:41:07 -0300 (ART), Fernando Gleiser
<fgleiser@cactus.fi.uba.ar> wrote:
> I have a FreeBSD box with more then 400 accounts. the users are
> non-technical, administrative kind of persons.
>
> The box is working as a mail server, with sendmail as MTA and cyrus IMAPd,
> authenticating against the system files (/etc/master.passwd) not using
> SASL.
>
> I need a web based tool to let the users change their passwords, since
> they don't have shell access, a web-based solution seems like the
> only way to let them do it without bothering the admins.


-- 
Best wishes,

Alexander G. Chamandy
Webmaster
www.bsdfreak.org
Your Source For BSD News!