in reply to CGI and root permissions

Lincoln Stein has a module user_manage: The All-Purpose Web Server User Management Script.
I have not used it!
In the docs Lincoln suggests how in order for the script to be able to update password and group files, not only must it have write access to the files themselves, but to the directory that contains them (the script creates lock and other temporary files within the directory). He suggests three alternatives
1. Run as a SUID Script
2. Run as a SGID Script
3. The scary option - Keep the Password and Group Files in a Directory writable by "nobody".

Maybe the solution you have is not so bad after all?

Comment on Re: CGI and root permissions

Replies are listed 'Best First'.
RE: Re: CGI and root permissions by aCC (Initiate) on May 29, 2000 at 20:52 UTC
Unfortunately the README of that module says: Don't Use This Script to Change /etc/passwd or /etc/group !! The file formats are different. You will destroy your system if you try it. The Script Doesn't Handle NIS, POP or System Passwords It's designed for updating passwords on the Web only. If you want to allow users to change their POP, NIS or system passwords via a Web interface, you're going to have to roll your own.	[reply]

Replies are listed 'Best First'.

RE: Re: CGI and root permissions
by aCC (Initiate) on May 29, 2000 at 20:52 UTC

Don't Use This Script to Change /etc/passwd or /etc/group !!

The Script Doesn't Handle NIS, POP or System Passwords

[reply]

In Section Seekers of Perl Wisdom