> Hello again, folks. I have a bit of a dilemma here.
Yes, you do.
You need to look at what you are trying to protect yourself from.
For example, are you worried that someone can download your database?
If so, why are you not worried that they could download your decrypt program?
If they can download your encrypt program, then they can decrypt the data.
Or, they can find out what file has the key and then download that.
> The problem: If this program is installed on the server, it will
> obviously be very easy for someone to decrypt the data I encrypt
> using this program. They won't be asked for a password.
Are you worried about remote users, or are there other people that logon to
the server? Will those other people be able to get root permission? (If so,
all bets are off.) If not: are you sure? If you are sure, then have the
decrypt program do a set[e]uid() and make sure it's invoker is the web
server.
This means you have to make sure nobody can break into the web server
account.
(Which can be easier to crack than root, cf apache.org :)
> I also need to create a CGI script that will allow my customers
> to change their shell/mail/dialup passwords. I know other ISPs
> have done this, but I can't think of a good way to do it that won't
> compromise system security.
What security? :)
Use SSL for privacy. Require them to enter their old password, and their
new password twice. Try to login as the user with the old password. If
that works, run the 'passwd' command. Details depend greatly on what
servers are providing the services whose passwords need changing.
/r$
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
