Gossamer Forum
(Advanced Search)
for
Home : General : Perl Programming :

reading /etc/shadow from a CGI script ...

Jan 1, 2000, 11:55 AM
flashonce
New User (2 posts)
Jan 1, 2000, 11:55 AM
Post #1 of 5
Views: 3051
Shortcut
Quote Reply
reading /etc/shadow from a CGI script ...
Hi,

Is it possible to open /etc/shadow (read-only of course), get the user's password and compare it to the user's input, from a CGI script that would be accessed by a browser?
Jan 1, 2000, 1:26 PM
GClemmons
User / Moderator (314 posts)
Jan 1, 2000, 1:26 PM
Post #2 of 5
Views: 2928
Shortcut
Quote Reply
Re: reading /etc/shadow from a CGI script ... In reply to
To do that would mean opening up the shadow file to the web server's user and would sort of defeat the purpose of having shadowed passwords.
-- Gordon --


------------------
$blah='82:84:70:77';
print chr($_) foreach (split/:/,$blah);

Jan 1, 2000, 5:44 PM
flashonce
New User (2 posts)
Jan 1, 2000, 5:44 PM
Post #3 of 5
Views: 2918
Shortcut
Quote Reply
Re: reading /etc/shadow from a CGI script ... In reply to
that could be dangerous indeed. ok. can anyone provide me a sample script that i can call from a browser that would verify if the name and password entered by the user is indeed valid. am in a SunOS environment.

thanks.
Jan 4, 2000, 1:11 PM
Alex
Administrator (9387 posts)
Jan 4, 2000, 1:11 PM
Post #4 of 5
Views: 2922
Shortcut
Quote Reply
Re: reading /etc/shadow from a CGI script ... In reply to
Have a look at `perldoc -f getpwent`

Cheers,

Alex
Jan 7, 2000, 3:48 AM
Patty
New User (2 posts)
Jan 7, 2000, 3:48 AM
Post #5 of 5
Views: 2929
Shortcut
Quote Reply
Re: reading /etc/shadow from a CGI script ... In reply to
I'm having the same problem. I would like to authenticate a user through a form. I'm working on a Unix Openserver 5.0.5. How is it possible to query the names and passwords of my users?

I have tried the command mentioned above but...nothing (

Any help would be appreciate.
Thank you.