This came up on the CB the other day -- don't know if you're the same person, or the friend that guy was trying to help out, or someone else entirely, but I'll try to summarize the many good points that were brought up then.

First of all, changing passwords through a CGI script opens up some potentially huge security holes. If you don't require an SSL connection, anyone on the network can sniff out the passwords. Your CGI script will have to run as root to modify the passwd/shadow files, which means that any bugs or vulnerabilities in your script could have severe consequences for the entire system.

If you are determined to do this anyway, using established techniques and CPAN modules (such as Passwd::Linux) is probably much safer than trying to come up with your own solution.

If you want to change a linux password, you have to go through the shadow file and change it, one way or another. Trying to force a perl script to communicate with the system's passwd command, which is meant to be run interactively, is just asking for trouble. A little effort on your part now to learn about how linux passwords work and how to use the perl tools that manipulate them will save you a lot of headaches later.

---

---

• Are you posting in the right place? Check out Where do I post X? to know for sure.
• Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:

  <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>

• Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
• Want more info? How to link or How to display code and escape characters are good places to start.