[Zope] Changing the UNIX passwd from zope / python script

Dieter Maurer dieter@handshake.de
Fri, 4 May 2001 20:41:51 +0200 (CEST)


Bobby Mathew writes:
 > I needed to be able to change the passwd of a current zope user to sync his
 > passwords with my database. Is this possible ? I could provide an interface
 > and user could confirm the new password and then i could also sync his UNIX
 > password to the same !!! I am a newbie to both zope and python so i would
 > need explicit instructions if there is a solution.
Are you really sure, you want this?

  Unless you use HTTPS (or another secured transport),
  your passwords are send with each request almost
  in plain form (if you use Basic Authentication,
  Zope's default).

  It is not too difficult to snif network traffic.
  In the above mentioned setup, your Zope passwords
  are not very secure. If Zope and Unix passwords
  are identical, your Unix passwords are neither...

I definitely would not want to have this.

If I would, I would look for the PAM module (there is a Python
wrapper, but it requires root privileges).
Alternatively, I would use a PTY (pseudo terminal) and
automate 'passwd'.


Dieter