F
forrest stanley
Hello all,
I am attempting to run this C script as a non root user. (its actually
run from a webpage). The code runs as expected as root. This is a
password changing script. I have removed some of the mail message sent
out, and a few other items. I have tried to set the bit file to make
this script have rrot powers as its run (chmod u+x), but this did not
help. Included is a slightly stripped version of the password changer.
I was hoping someone might be able to review the code, and point out
what could be causing a segmentation fault.
#include <iostream>
#include <stdlib.h>
#include <stdio.h>
int main(int argc, char *argv[])
{
char npword[9];
char * username;
char * useremail;
username = argv[1];
useremail = argv[2];
//open a shell and generate password, read output
FILE* fnp = popen("/usr/bin/tr -dc 'A-z' < /dev/urandom | fold -7 |
head -1","r");
for (int i=0; i<8; i++) {
npword = fgetc(fnp);
}
pclose(fnp);
npword[8] = '\0';
//system call to set password file
FILE* fep = fopen("/tmp/newpw","w+");
fprintf(fep,"%s",npword);
fclose(fep);
//create email template
FILE* fne = fopen("/tmp/resetpassword","w+");
fprintf(fne,"
Login
%s
Password
%s
",username, npword);
fclose(fne);
//system call to send email
char mailpword[100];
char mailSubject[50] = "Your new password";
sprintf(mailpword,"mutt %s -s \"%s\" <
/tmp/resetpassword",useremail,mailSubject);
system(mailpword);
return 0;
}
I am attempting to run this C script as a non root user. (its actually
run from a webpage). The code runs as expected as root. This is a
password changing script. I have removed some of the mail message sent
out, and a few other items. I have tried to set the bit file to make
this script have rrot powers as its run (chmod u+x), but this did not
help. Included is a slightly stripped version of the password changer.
I was hoping someone might be able to review the code, and point out
what could be causing a segmentation fault.
#include <iostream>
#include <stdlib.h>
#include <stdio.h>
int main(int argc, char *argv[])
{
char npword[9];
char * username;
char * useremail;
username = argv[1];
useremail = argv[2];
//open a shell and generate password, read output
FILE* fnp = popen("/usr/bin/tr -dc 'A-z' < /dev/urandom | fold -7 |
head -1","r");
for (int i=0; i<8; i++) {
npword = fgetc(fnp);
}
pclose(fnp);
npword[8] = '\0';
//system call to set password file
FILE* fep = fopen("/tmp/newpw","w+");
fprintf(fep,"%s",npword);
fclose(fep);
//create email template
FILE* fne = fopen("/tmp/resetpassword","w+");
fprintf(fne,"
Login
%s
Password
%s
",username, npword);
fclose(fne);
//system call to send email
char mailpword[100];
char mailSubject[50] = "Your new password";
sprintf(mailpword,"mutt %s -s \"%s\" <
/tmp/resetpassword",useremail,mailSubject);
system(mailpword);
return 0;
}