Menu
▾
▴
Re: More secure 'passwd' module?
|
From: Jamie C. <jca...@we...> - 2002-06-04 06:12:13
|
Since webmin 0.970, the passwd module has had support for running an external command (like /usr/bin/passwd) for doing the change, which you can set in the module config. If kerberos has some similar command, you might be able to use that .. - Jamie dwi...@dn... wrote: > > Speaking of passwd module, anyone adapted it to use kerberos? I just > converted all machines to use kerberos so I only have 1 password to keep > track of and was trying to find an easy way for people to change > passwords.. ? > > Dan > > On Tue, 4 Jun 2002, Jamie Cameron wrote: > > > Scott MacKay wrote: > > > > > > Hiyas, > > > Is there a more secure version of the password > > > change module? I am workin on restricting it down > > > (disallow you to change root password, only change > > > password of unlocked users or those with a specific > > > '*expired*' keyword), and noticed that the security > > > checks are not too tight. Namely, save_passwd.cgi > > > does not seem to do the same validation for password > > > change rights as the other modules. > > > > You can configure some of those access controls > > already in the password change module, by going into > > the Webmin Users module and clicking on 'Change Passwords' > > next to the name of a user. If there are any access > > control restrictions that you would like that are > > currently missing, tell me and it should be possible > > to add them. > > > > - Jamie |
