Date: Tue, 14 Dec 2004 13:44:41 -0500 From: Alexander Chamandy <bsdfreak@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: web-based password checking tool? Message-ID: <f420b2a104121410446ff0c72f@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
The solution I've seen people use in the past is Webmin (http://www.webmin.com/), but I haven't heard great things about its security. I would use it cautiously if you are looking for that functionality. The problem I'd note is that in order to attain convenience in the traditional sense, one must generally sacrifice layers of security. In this case, allowing a web interface to change users' authentication credentials provides risks (compromise, information leakage, etc.) and rewards (enhanced usability for novice users, added convenience). - Hide quoted text - On Tue, 14 Dec 2004 15:41:07 -0300 (ART), Fernando Gleiser <fgleiser@cactus.fi.uba.ar> wrote: > I have a FreeBSD box with more then 400 accounts. the users are > non-technical, administrative kind of persons. > > The box is working as a mail server, with sendmail as MTA and cyrus IMAPd, > authenticating against the system files (/etc/master.passwd) not using > SASL. > > I need a web based tool to let the users change their passwords, since > they don't have shell access, a web-based solution seems like the > only way to let them do it without bothering the admins. -- Best wishes, Alexander G. Chamandy Webmaster www.bsdfreak.org Your Source For BSD News!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f420b2a104121410446ff0c72f>