A question on csh/sh.
Brian Fitzgerald
fitz at mml0.meche.rpi.edu
Sun Nov 18 06:35:31 AEST 1990
>password change. Basically I want to do:
> myshscript oldpasswd newpasswd
IMHO, you might want to reconsider this idea for (at least) two reasons.
1. While your shell script is running, anyone else can see your entire
command line, including the plaintext oldpasswd and newpasswd, simply
by typing ps -a.
2. Since the /etc/passwd file is owned by root and not writable by
users, your shell script would have to be executable by everybody but
able to run with the privileges of root, or "suid root". In essence,
you want a "suid root shell script". Just yesterday in this newsgroup
Tom Christiansen reposted a detailed, technical explanation of the
security problems associated with doing this, and the difficulty (or
impossibility) of writing a secure suid root shell script.
If after reading this you now agree with (1) no plaintext passwords on
the command line, and (2) no suid root shell scripts you might as well
stick with good old /bin/passwd (an suid root binary executable), or
some public domain replacement, such as npasswd (anon ftp
emx.utexas.edu in /pub/npasswd).
Brian Fitzgerald
More information about the Comp.unix.shell
mailing list