01-16-2001
While these are all valid points, it sounds like the original poster was talking about an account he has at an ISP, so it is unlikely that he will be able to control the UID of the web-server or the allocation of user accounts.
Unless your ISP is using wrappers on the CGI programs, it is likely that you will have to allow group read to your scripts for them to execute. You should never hard-code passwords in plain text into your scripts, instead use encrypted passwords (relatively easy to implement in many languages -- there are usually libraries available to help you) or look into using the htaccess files.
Good luck...
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi
I need to access files from a specific folder of a Linux system from an another Linux System Remotely.
I know how to, Export a folder on One SCO System & can access the same by using Import via., NFS in the Sco Unix SVR4 System using the scoadmin utility.
Also, I know to use mount -t ... (2 Replies)
Discussion started by: S.Vishwanath
2 Replies
2. Shell Programming and Scripting
Hi,
I need (have been asked/order/instructed) to migrate the access of a number of ksh scripts into a html/web page environment. Currently access is with the user logging onto a unix box and accessing the scripts that way. The users are not unix people so I have restricted the access solely to... (4 Replies)
Discussion started by: nhatch
4 Replies
3. Shell Programming and Scripting
Hi All,
I have declared a variable in script1 and assign a value for it. In script2 i'll call script1 and then I want the value of variables set in script1.
I have tried with export, but in vain.
How can I achive this?
Below is the two scripts.
--script1
#!/usr/bin/ksh
echo $1... (1 Reply)
Discussion started by: javaDev
1 Replies
4. Shell Programming and Scripting
Hi,
I have to write a program to compute the checksums of files
./script.sh
I wrote the program using bash and it took me forever since I am a beginner but it works very well.
I'm getting so close to the deadline and I realised today that actually I have to use normal Bourne shell... (3 Replies)
Discussion started by: pgarg1989
3 Replies
5. UNIX for Dummies Questions & Answers
hi all,
i want to know y kernel is giving access for multiple users to access a file when one user may be the owner is executing that file. Because other user can manipulate that file when the other user is executing that file, it will give the unexpected result to owner . plz help me... (1 Reply)
Discussion started by: jimmyuk
1 Replies
6. Shell Programming and Scripting
i want to access database (sql script) within a unix script.
help me (2 Replies)
Discussion started by: chamaraa
2 Replies
7. Shell Programming and Scripting
Hi,
I have two scripts say one.sh and two.sh.
I want one.sh to continuously export a variable in loop. and when two.sh starts then it should read the last value exported from one.sh.
file: one.sh
#! bin/sh
for i in `seq 1 1 4000000`; do
export VAR=$(($i**$i)) ;
done
file two.sh
... (2 Replies)
Discussion started by: bhushan123
2 Replies
8. Shell Programming and Scripting
Dear Members,
I have a table REQUESTS in Oracle which has an attribute REQUEST_ACTION. The entries in REQUEST_ACTION are like, ME, MD, ND, NE etc.
I would like to create a script which will will call other scripts based on the request action.
Can we directly read from the REQUEST_ACTION... (2 Replies)
Discussion started by: Yoodit
2 Replies
9. Shell Programming and Scripting
Hi,
How to restrict access to a .ksh script in such the way that the users can only execute the script, neither read nor write.
I tried the below code so that my user alone has the rwx and other users can only execute.
chmod 711 sample.ksh
But when I logged in as a different user... (26 Replies)
Discussion started by: machomaddy
26 Replies
10. Solaris
Hi All,
I want to configure samba share permission so that only directory creator/owner has a read and write permission and other users should not have any read/write access to that folder.Will that be possible and how can this be achieved within samba configuration.
Regards,
Sahil (1 Reply)
Discussion started by: sahil_shine
1 Replies
CHPASSWD(8) System Management Commands CHPASSWD(8)
NAME
chpasswd - update passwords in batch mode
SYNOPSIS
chpasswd [options]
DESCRIPTION
The chpasswd command reads a list of user name and password pairs from standard input and uses this information to update a group of
existing users. Each line is of the format:
user_name:password
By default the passwords must be supplied in clear-text, and are encrypted by chpasswd. Also the password age will be updated, if present.
By default, passwords are encrypted by PAM, but (even if not recommended) you can select a different encryption method with the -e, -m, or
-c options.
Except when PAM is used to encrypt the passwords, chpasswd first updates all the passwords in memory, and then commits all the changes to
disk if no errors occurred for any user.
When PAM is used to encrypt the passwords (and update the passwords in the system database) then if a password cannot be updated chpasswd
continues updating the passwords of the next users, and will return an error code on exit.
This command is intended to be used in a large system environment where many accounts are created at a single time.
OPTIONS
The options which apply to the chpasswd command are:
-c, --crypt-method METHOD
Use the specified method to encrypt the passwords.
The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods.
By default, PAM is used to encrypt the passwords.
-e, --encrypted
Supplied passwords are in encrypted form.
-h, --help
Display help message and exit.
-m, --md5
Use MD5 encryption instead of DES when the supplied passwords are not encrypted.
-R, --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
-s, --sha-rounds ROUNDS
Use the specified number of rounds to encrypt the passwords.
The value 0 means that the system will choose the default number of rounds for the crypt method (5000).
A minimal value of 1000 and a maximal value of 999,999,999 will be enforced.
You can only use this option with the SHA256 or SHA512 crypt method.
By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in /etc/login.defs.
CAVEATS
Remember to set permissions or umask to prevent readability of unencrypted files by other users.
CONFIGURATION
The following configuration variables in /etc/login.defs change the behavior of this tool:
SHA_CRYPT_MIN_ROUNDS (number), SHA_CRYPT_MAX_ROUNDS (number)
When ENCRYPT_METHOD is set to SHA256 or SHA512, this defines the number of SHA rounds used by the encryption algorithm by default (when
the number of rounds is not specified on the command line).
With a lot of rounds, it is more difficult to brute forcing the password. But note also that more CPU resources will be needed to
authenticate users.
If not specified, the libc will choose the default number of rounds (5000).
The values must be inside the 1000-999,999,999 range.
If only one of the SHA_CRYPT_MIN_ROUNDS or SHA_CRYPT_MAX_ROUNDS values is set, then this value will be used.
If SHA_CRYPT_MIN_ROUNDS > SHA_CRYPT_MAX_ROUNDS, the highest value will be used.
Note: This only affect the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM
configuration. It is recommended to set this variable consistently with the PAM configuration.
FILES
/etc/passwd
User account information.
/etc/shadow
Secure user account information.
/etc/login.defs
Shadow password suite configuration.
/etc/pam.d/chpasswd
PAM configuration for chpasswd.
SEE ALSO
passwd(1), newusers(8), login.defs(5), useradd(8).
shadow-utils 4.5 01/25/2018 CHPASSWD(8)