Abstract of INFO-MAC archived Text file 'comm/inet/mail/edr/eudora-pwserve-3.shar' Uploaded 09/29/1993 19517 bytes #!/bin/sh # This is a shell archive (shar 3.32) # made 02/11/1993 21:23 UTC by dorner@ux1.cso.uiuc.edu # Source directory /cso/staff/dorner # # existing files WILL be overwritten # # This shar contains: # length mode name # ------ ---------- ------------------------------------------ # 15723 -rw-r--r-- poppassd.c # 2030 -rw-r--r-- Makefile # if touch 2>&1 | fgrep 'amc' > /dev/null then TOUCH=touch else TOUCH=true fi # ============= poppassd.c ============== echo "x - extracting poppassd.c (Text)" sed 's/^X//' << 'SHAR_EOF' > poppassd.c && X/* X * poppassd.c X * X * Daemon to service Eudora "Change Password" requests. This program X * doesn't actually change any passwords itself. It simply listens for X * incomming requests, gathers the required information (user name, old X * password, new password) and executes /bin/passwd, talking to it over X * a pseudo-terminal pair. The advantage of this is that we don't need X * to have any knowledge of either the password file format (which may X * include dbx files that need to be rebuilt) or of any file locking X * protocol /bin/passwd and cohorts may use (and which isn't documented). X * X * Note that unencrypted passwords are transmitted over the network. If X * this bothers you, think hard about whether you want to implement Eudora's X * password changing feature. On the other hand, it's no worse than what X * happens when you run /bin/passwd while connected via telnet or rlogin. X * Well, maybe it is, since the use of a dedicated port makes it slightly X * easier for a network snooper to snarf passwords off the wire. X * X * NOTE: In addition to the security issue outlined in the above paragraph, X * you should be aware that this program is going to be run as root by X * ordinary users and it mucks around with the password file. This should X * set alarms off in your head. I think I've devised a pretty foolproof X * way to ensure that security is maintained, but I'm no security expert and X * you would be a fool to install this without first reading the code and X * ensuring yourself that what I consider safe is good enough for you. If X * something goes wrong, it's your fault, not mine. X * X * This is an adaptation of a server by the same name from dll@mitre.org X * (Daniel L. Leavitt of The MITRE Corporation). The front-end code (which X * talks to the Eudora client) is directly descended from his original