Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer

Re: Changing a linux password

by Cubes (Pilgrim)
on Jul 25, 2001 at 02:05 UTC ( #99509=note: print w/replies, xml ) Need Help??

in reply to Changing a linux password

This came up on the CB the other day -- don't know if you're the same person, or the friend that guy was trying to help out, or someone else entirely, but I'll try to summarize the many good points that were brought up then.

First of all, changing passwords through a CGI script opens up some potentially huge security holes. If you don't require an SSL connection, anyone on the network can sniff out the passwords. Your CGI script will have to run as root to modify the passwd/shadow files, which means that any bugs or vulnerabilities in your script could have severe consequences for the entire system.

If you are determined to do this anyway, using established techniques and CPAN modules (such as Passwd::Linux) is probably much safer than trying to come up with your own solution.

If you want to change a linux password, you have to go through the shadow file and change it, one way or another. Trying to force a perl script to communicate with the system's passwd command, which is meant to be run interactively, is just asking for trouble. A little effort on your part now to learn about how linux passwords work and how to use the perl tools that manipulate them will save you a lot of headaches later.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://99509]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (3)
As of 2023-03-21 20:53 GMT
Find Nodes?
    Voting Booth?
    Which type of climate do you prefer to live in?

    Results (60 votes). Check out past polls.