Loading ...
Sorry, an error occurred while loading the content.
 

[PBML] Re: Methods To Login Unix

Expand Messages
  • CN Liu
    ... Hello! Dan, The direction you gave me is very very helpful to me. It is almost the exact solution I need. The last, I hope, bottleneck I have is that
    Message 1 of 4 , Jan 10, 2000
      >
      > well, I can give you part of the solution - look at the crypt
      > function:
      >
      > (snip from 'perldoc -f crypt`):
      >
      > $pwd = (getpwuid($<))[1];
      >
      > system "stty -echo";
      > print "Password: ";
      > chomp($word = <STDIN>);
      > print "\n";
      > system "stty echo";
      >
      > if (crypt($word, $pwd) ne $pwd) {
      > die "Sorry...\n";
      > } else {
      > print "ok\n";
      > }
      >
      > which works quite well. Even with shadow files, since the getpwuid
      > call is privilaged, I guess? just be aware, the sending password
      > unencrypted over HTTP is a very very bad thing (TM).
      >
      Hello! Dan,

      The direction you gave me is very very helpful to me. It is almost the
      exact solution I need. The last, I hope, bottleneck I have is that
      function getpwuid does not return the password field in /etc/shadow.
      Instead, it returns "x" from /etc/passwd:

      #!/usr/local/bin/perl
      $pwd = (getpwuid($<))[1];
      print "===",$pwd,"===\n";
      ($name,$passwd,$gid,$members) = getgr*
      print "===",$passwd,"===\n";
      $pwd = (getpwuid(0))[1];
      print "===",$pwd,"===\n";

      Its output is:

      ===x===
      ======
      ===x===

      Best Regards,

      CN
    • Dan Boger
      On Mon, 10 Jan 2000 17:08:47 +0800 CN Liu wrote ... sorry, my mistake - it was working for me cause of our yp server. To be able to
      Message 2 of 4 , Jan 10, 2000
        On Mon, 10 Jan 2000 17:08:47 +0800 CN Liu <cn@...> wrote
        concerning '[PBML] Re: Methods To Login Unix':
        > The direction you gave me is very very helpful to me. It is almost the
        > exact solution I need. The last, I hope, bottleneck I have is that
        > function getpwuid does not return the password field in /etc/shadow.
        > Instead, it returns "x" from /etc/passwd:
        >
        > #!/usr/local/bin/perl
        > $pwd = (getpwuid($<))[1];
        > print "===",$pwd,"===\n";
        > ($name,$passwd,$gid,$members) = getgr*
        > print "===",$passwd,"===\n";
        > $pwd = (getpwuid(0))[1];
        > print "===",$pwd,"===\n";
        >
        > Its output is:
        >
        > ===x===
        > ======
        > ===x===
        >

        sorry, my mistake - it was working for me cause of our yp server. To
        be able to read the shadow password, you have to run a privilaged
        process - that's the whole point of having shadow passwords. I don't
        know how you'd be able to authunticate as a non root in a shadow
        environment.

        Anyone else has ideas?

        Dan
      Your message has been successfully submitted and would be delivered to recipients shortly.