>I need some help on another topic. I need to have a script that will
>interact with a software we are using. This software works client side,
>and sends my script a username and a passwd chosen by a customer. The
>script should make an account for that user.
>Basically, entries need to be made in /etc/passwd, /etc/group and
>/etc/shadow
>I can handle the entries for passwd and group but I don't know how to make
>an entry to the shadow file...someone told me that I can make a 'here'
>file which is a shell script but I can't get that to work. Could someone
>please help me out.
>thanx in advance
Normally, you would just run whatever utility shadows regular passwords,
if you don't mind a small race condition where local users can view the
hash in the regular passwd file for a short period of time. On my Solaris
box, the util is pwconv.
Are you interested in the security concerns of such a service? Firewalls
list, after all..
How do you control who gets to create accounts for themselves? Is your
environment such that it's not important who can create themselves an account?
Are you taking care that there are no exploitable holes in your script? It
obviously
has root interaction at some point, to be able to create accounts.
Ryan
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
