[4136] in WWW Security List Archive
Re: adduser web page
daemon@ATHENA.MIT.EDU (Joe Loiacono)
Mon Jan 27 14:07:21 1997
Date: Mon, 27 Jan 1997 11:56:14 -0500
From: Joe Loiacono <jloiacon@csc.com>
To: nella@asis.com
CC: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
nella@asis.com wrote:
>
> Is there any reason why it would not be possible to securely allow users to
> change their passwords via a web page and cgi script? Does anyone know if
> such a script already exists?
>
> Nella
The NCSA distribution of httpd has a change password program (written in
"C" and will need to be re-compiled after you've tailored it). I can't
see where it is any less secure than allowing cgi scripts in general.
Joe
--
In theory, theory and practice are the same;
In practice they're not!
