From: Jamie C. <jca...@we...> - 2002-06-04 00:34:29
|
Scott MacKay wrote: > > Hiyas, > Is there a more secure version of the password > change module? I am workin on restricting it down > (disallow you to change root password, only change > password of unlocked users or those with a specific > '*expired*' keyword), and noticed that the security > checks are not too tight. Namely, save_passwd.cgi > does not seem to do the same validation for password > change rights as the other modules. You can configure some of those access controls already in the password change module, by going into the Webmin Users module and clicking on 'Change Passwords' next to the name of a user. If there are any access control restrictions that you would like that are currently missing, tell me and it should be possible to add them. - Jamie |