Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw

Re: CGI and root permissions

by perlcgi (Hermit)
on May 29, 2000 at 16:18 UTC ( #15279=note: print w/replies, xml ) Need Help??

in reply to CGI and root permissions

Lincoln Stein has a module user_manage: The All-Purpose Web Server User Management Script.
I have not used it!
In the docs Lincoln suggests how in order for the script to be able to update password and group files, not only must it have write access to the files themselves, but to the directory that contains them (the script creates lock and other temporary files within the directory). He suggests three alternatives
1. Run as a SUID Script
2. Run as a SGID Script
3. The scary option - Keep the Password and Group Files in a Directory writable by "nobody".

Maybe the solution you have is not so bad after all?

Replies are listed 'Best First'.
RE: Re: CGI and root permissions
by aCC (Initiate) on May 29, 2000 at 20:52 UTC
    Unfortunately the README of that module says:

    Don't Use This Script to Change /etc/passwd or /etc/group !!

    The file formats are different. You will destroy your system if you try it.

    The Script Doesn't Handle NIS, POP or System Passwords

    It's designed for updating passwords on the Web only. If you want to allow users to change their POP, NIS or system passwords via a Web interface, you're going to have to roll your own.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://15279]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (2)
As of 2022-11-26 11:30 GMT
Find Nodes?
    Voting Booth?