[KLUG Members] Changing email password.

[Alfredo Barros]

> Hi Alfredo! Welcome to the list! I'm replying to the list because my
> suggestion could be very unwise and I am hoping the wisdom of the gurus
> will either strike down my idea or affirm it as a possibility. :)
Hi Tony and all list´s member! Thanks for your reply.

>
> For the rest of you, Alfredo is a friend of mine doing great things in
> Brazil. :)
Thanks Tony. Well, I had a great boss, teacher and friend while I lived in
Kalamazoo: YOU! :))))

>
> Do you mean the password they check their mail with? Like their POP3 or
> IMAP password? Or do you mean a password for authenticating to your
> outgoing (sendmail) mail server? There's got to be some way to let users
> do it because ISP's let their users do it all the time.
I use POP3. Every time, I connect to my email server, using telnet, and, as
root, I change the user´s password with the command passwd <user>.

>
> I could be very, very wrong about this, but you MIGHT be able to write a
> little PHP script (or perl) to handle this for you. A quick look at
> php.net yielded the "escapeshellarg()" and "escapeshellcmd()" functions
> for interacting with the shell. You could gather the input from the user
> in a web form, then set their password on the backend with one of these
> functions. Some of the user comments in the function descriptions say that
> "escapeshellarg()" is safer. It would be good to have your own string
> checking function to make sure what you're passing to the shell isn't
> malicious code. Heck, I'd build in a logging function too! The security of
> such a script is doubtful though. Note: I've never done this before! Try
> it in a test environment and try hard to break it to make sure it is
> secure.
Ok, I´ll try do program anything in PHP. You know, I like programming very
much. :)))))

>
> Here is some psuedo code, assuming you ask the user for their current
> password and a new password twice:
> function ChangePassword
> {
>    check current password
>       { if wrong, error out & exit }
>
>    compare new passwords
>       { if new & confirmation password don't match, error out & exit }
>
>    // assuming you get this far
>    exec to the shell and change the password
>    log the password change attempt
> }
>
> I must admit, for a programmer, I'm better at networking. :)
>
>
> Good luck!
Thanks for the advices.

Happy Easter to everyone.

Alfredo

>
>
> Tony
>
>
>
> > Hi there! Does anyone know any tool (web) that a user can change
> > his/her email account´s password by himself/herself? I´m using
> > sendmail.
> >
> > Thanks,
> >
> > Alfredo Barros
> > Administrador de Rede - Informática
> > Sistema HAPVIDA
> > Fone: (0xx85) 255-9130
> >
> > _______________________________________________
> > Members mailing list
> > Members@kalamazoolinux.org
> > 
>
>
> --
> Tony Gettig
> http://www.VoiceoversNow.com
> GBY!
>
>
>
> _______________________________________________
> Members mailing list
> Members@kalamazoolinux.org
>