From owner-freebsd-questions  Sat Apr 28 13:50:31 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from be-well.ilk.org (lowellg.ne.mediaone.net [24.147.184.128])
	by hub.freebsd.org (Postfix) with ESMTP id 78AEF37B423
	for <freebsd-questions@freebsd.org>; Sat, 28 Apr 2001 13:50:27 -0700 (PDT)
	(envelope-from lowell@be-well.ilk.org)
Received: (from lowell@localhost)
	by be-well.ilk.org (8.11.3/8.11.3) id f3SKnvR10666;
	Sat, 28 Apr 2001 16:49:57 -0400 (EDT)
	(envelope-from lowell)
To: freebsd-questions@freebsd.org, jesus@pasapues.com
Subject: Re: passwd
References: <EPEJLCLAKFDENCGMPJJDCEIPDFAA.jesus@pasapues.com>
From: Lowell Gilbert <lowell@world.std.com>
Date: 28 Apr 2001 16:49:57 -0400
In-Reply-To: jesus@pasapues.com's message of "28 Apr 2001 19:28:03 +0200"
Message-ID: <44zod0zr4a.fsf@lowellg.ne.mediaone.net>
Lines: 31
X-Mailer: Gnus v5.7/Emacs 20.7
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

jesus@pasapues.com (Jesús Arnáiz) writes:

> I'm programming a PERL Script able to add a new user to the system.
> 
> How can I set the password of the new user with PERL code? (I thinked to use `passwd`
> but I see it works interactively).

Look at adduser(8) (located in /usr/sbin/), which is a Perl script for
adding new users to the system, and which comes in the default FreeBSD
base system.  It uses pw(8) for the hard work of actually modifying
the password files.  It doesn't allow for specifying a password on the
command line, because that potentially exposes the password to any
local users.

> I'm programming a PHP CGI Script able to add new users to the system.

It's a little tricky to get the security on this sort of thing right,
but of course "right" depends on your requirements.

> I'm trying to do it making a PERL setuid script able to be run by httpd user (nobody)
> which act as an interface.

Note that suidperl is *not* actually installed on the system (well,
technically it is, but it doesn't have the suid bit set) and that
FreeBSD doesn't respect the suid bit on interpreted scripts (which
includes perl as well as shell scripts).  This is for security
reasons.  Although these protections can be disabled easily enough, I
would discourage you from doing so unless you're sure you understand
all of the security implications.

Good luck.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message