home *** CD-ROM | disk | FTP | other *** search
#!/usr/bin/perl5 # # security-second.cgi # # Copyright 1988-1996 Silicon Graphics, Inc. # All rights reserved. # # This is UNPUBLISHED PROPRIETARY SOURCE CODE of Silicon Graphics, Inc.; # the contents of this file may not be disclosed to third parties, copied or # duplicated in any form, in whole or in part, without the prior written # permission of Silicon Graphics, Inc. # # RESTRICTED RIGHTS LEGEND: # Use, duplication or disclosure by the Government is subject to restrictions # as set forth in subdivision (c)(1)(ii) of the Rights in Technical Data # and Computer Software clause at DFARS 252.227-7013, and/or in similar or # successor clauses in the FAR, DOD or NASA FAR Supplement. Unpublished - # rights reserved under the Copyright Laws of the United States. # # $Id: security-second.cgi,v 1.8 1997/04/17 23:46:22 shotes Exp $ require "/usr/OnRamp/lib/OnRamp.pm"; if (!$ARGV[0]) { printf("Location: %s%c%c","/tasks/Tasks.security-start.cgi",10,10); } $myname = "security-second.cgi"; $passwd = "/etc/passwd"; $temp = "task.tmp2"; $dummy = "task.dummy"; $action = "security-second.cgi?loop"; $it = "<td><font size=5><i>"; $ni = "</i></font></td>"; &get_fields; &getOpenAccounts; if ($ARGV[0] eq 'loop') { %vals = %fld; } else { &readValues if $num_accounts > 0; } if ($ARGV[0] eq loop) { &writeFile; $go = "/tasks/security-third.cgi?s"; # printf("Location: %s%c%c",$go,10,10); print "Content-type: text/html\n\n"; print "<HTML><HEAD>"; print "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=$go\">"; print "</HEAD><BODY></BODY></HTML>"; exit 0; } &generic; sub getOpenAccounts { $open_root = 0; $num_accounts = 0; while (($name,$pw,$d1,$d2,$d3,$d4,$d5,$d6,$d7) = getpwent) { if ($pw eq "") { $accounts{$name} = ""; $num_accounts++; } } $open_root = 1 if defined($accounts{'root'}); } sub readValues { open(IN,"< $temp"); while(<IN>) { @items = split(/=/); chop $items[1]; if (defined($accounts{$items[0]})) { $accounts{$items[0]} = $items[1]; } } close(IN); } sub writeFile { open(OUT,"> $temp"); if ($fld{'ALL'}) { # hack to close all accounts foreach $arg (keys(%accounts)) { if ($arg eq "root") { print OUT "$arg=$vals{'pw$arg'}\n" if ($vals{'pw$arg'} ne ""); } else { print OUT "$arg=close\n"; } } } else { foreach $arg (keys(%vals)) { $name = $arg; if ($arg =~ /^pw/) { $name =~ s/^pw//g; print OUT "$name=$vals{$arg}\n" if ($vals{$arg} ne ""); } elsif ($arg =~ /^cl/) { $name =~ s/^cl//g; print OUT "$name=close\n"; } } } close(OUT); } sub generic { print "Content-type: text/html\n\n"; print "<html><head><title>Security Setup (continued)</title>\n"; if ($num_accounts == 0) { &print_simple; exit 0; } print "<script language=\"JavaScript\">\n<!--\n"; # JavaScript print "function Next() { form = document.page2; if (!testInput(form)) return; setTimeout('form.submit()',0); return; } function Previous() { setTimeout('window.location=\"/tasks/Tasks.security-start.cgi?s\"',0); return; } function testInput(form) { still_open = false; "; # test root password if necessary if ($open_root) { print " if (form.pwroot.value == \"\") { password = prompt(\"\\nYou have not entered a root password. \\nThis severely compromises the security \\nof your machine.\\n\\nPlease enter a password for the root \\naccount:\",\"\"); while (true) { if (password == null) return (false); // Clicked \"Cancel\" error = testPassword(password); if (!error) { form.pwroot.value = password; break; } if (error == 1) password = prompt(\"\\nPasswords cannot contain the\\n\" + illegal + \" character.\\n\\nPlease enter a password for the \\nroot account:\",\"\"); if (error == 2) password = prompt(\"\\nPasswords cannot contain spaces.\\n\\nPlease enter a password for the \\nroot account:\",\"\"); } }\n"; } print " if (form.ALL.checked) return (true);\n"; # test each password foreach $arg (keys %accounts) { next if $arg eq "root"; print " error = testPassword(form.pw$arg.value); if (error == 1) { ", "errorBox(form.pw$arg,\"The $arg password cannot contain \\n", "the \" + illegal + \" character.\"); return (false); } ", "if (error == 2) { errorBox(form.pw$arg,\"The $arg password ", "cannot contain spaces.\"); ", "return (false); } \n"; print " if (form.pw$arg.value == \"\" && ", "(!form.cl$arg.checked)) still_open = true;\n"; } print " if (still_open) { return confirm(\"\\nSome accounts have ", "neither been closed nor given \\na password. This will leave ", "those accounts open \\nand your machine insecure.\\n\\n Are you ", "sure this is what you want to do?\"); } \n"; print " return (true); } function testPassword(word) { loginChars = \"{}()*!~<>?|[]'&^\$\@\#`\\\";:\\\\/+=,%\"; if (word == \"\") return 0; for(j = 0; j < loginChars.length; j++) { c = loginChars.charAt(j); if (word.indexOf(c, 0) != -1) { illegal = c; return 1; } } for (c = 0; c < word.length; c++) { if (word.charAt(c) == ' ') return 2; } return 0; } function errorBox (Ctrl, ErrorMessage) { alert (ErrorMessage); Ctrl.focus(); return; }\n"; print "//-->\n"; print "</script></head>\n\n"; print "<body bgcolor=\'a7b4ce\' background=/tasks/security-task.bg.gif>\n"; print "<table width=100%>", "<tr><th align=left><h1>Security Setup (continued)</h1></th>\n", "<th align=right><a href=\"/newsplash.shtml\">", "<img height=55 width=57 border=0 src=/tasks/home.gif></a>\n", " <a href=\"Tasks.shtml\">", "<img height=55 width=57 border=0 src=/tasks/back.gif></a>", "</tr></table>\n"; printf("\n<form name=\"page2\" action=\"%s\" method=post>\n", $action); print "<center><table width=620>\n"; print "<tr>$it Accounts: <br>$ni</tr>\n"; print "<tr><td>Remote users and applications are required to use an account whenever they access the server. You can increase security on the server by closing some or all of its accounts or by assigning account passwords. <br><br> The list below contains all accounts on the server that are currently unprotected. To secure the server, enter a password or check the <var>Close</var> box for each account. You can close all accounts in one step by selecting the <var>Close all accounts</var> box. </td></tr></table>\n\n"; print "<table width=320>\n"; print "<tr><td align=center><input type=checkbox name=ALL ", "value=1></td><td colspan=2><strong>Close all accounts</strong></td>", "</tr><tr><td></td></tr>\n"; print "<tr><th>Close?</th><th>Account name</th><th>Password</th></tr>\n"; foreach $arg (keys %accounts) { if ($accounts{$arg} eq "close") { $checked = "checked"; $pw = ""; } else { $checked = ""; $pw = $accounts{$arg}; } if ($arg eq "root") { print "<tr><td align=center></td><td> $arg</td><td align=center>", "<input type=text name=\"pw$arg\" value=\"$pw\" size=10>", "<br></td></tr>\n"; next; } print "<tr><td align=center><input type=checkbox name=cl$arg ", "value=1 $checked></td><td> $arg</td><td align=center>", "<input type=text name=\"pw$arg\" value=\"$pw\" size=10>", "<br></td></tr>\n"; } print "<tr>$it $ni</tr>\n"; print "</table></center>\n\n"; print '<MAP NAME="js_map1">', ' <AREA SHAPE="rect" COORDS="0,0,59,52" HREF="javascript:Previous()" onMouseOver="window.status=\'\';return true">', '</MAP>'; print "\n"; print '<MAP NAME="js_map2">', ' <AREA SHAPE="rect" COORDS="0,0,59,52" HREF="javascript:Next()" onMouseOver="window.status=\'\';return true">', '</MAP>'; print "\n"; print '<IMG SRC="/tasks/rightarrow.gif" BORDER=0 USEMAP="#js_map2" align="right">'; print "\n"; print '<IMG SRC="/tasks/leftarrow.gif" BORDER=0 USEMAP="#js_map1" align="right">'; print "\n</form></body></html>"; } sub print_simple { print "<script language=\"JavaScript\">\n<!--\n"; # JavaScript print "function Next() { form = document.page2; setTimeout('form.submit()',0); return; } function Previous() { setTimeout('window.location=\"/tasks/Tasks.security-start.cgi?s\"',0); return; }\n"; print "//-->\n"; print "</script></head>\n\n"; print "<body bgcolor=\'a7b4ce\' background=/tasks/security-task.bg.gif>\n"; print "<table width=100%>", "<tr><th align=left><h1>Security Setup (continued)</h1></th>\n", "<th align=right><a href=\"/newsplash.shtml\">", "<img height=55 width=57 border=0 src=/tasks/home.gif></a>\n", " <a href=\"Tasks.shtml\">", "<img height=55 width=57 border=0 src=/tasks/back.gif></a>", "</tr></table>\n"; printf("\n<form name=\"page2\" action=\"%s\" method=post>\n", $action); print "<input type=hidden name=dummy value=\"\">\n"; print "<center><table width=620>\n"; print "<tr>$it Accounts: <br>$ni</tr>\n"; print "<tr><td>This page allows you to secure the accounts on your machine. The list below contains all accounts which are currently unprotected. </td></tr></table>\n\n"; print "<br><br><br><table width=320>\n"; print "<tr><td align=center><strong>No currently open accounts</strong>", "</td></tr><tr><td><br><br></td></tr>\n"; print "<tr>$it $ni</tr>\n"; print "</table></center>\n\n"; print '<MAP NAME="js_map1">', ' <AREA SHAPE="rect" COORDS="0,0,59,52" HREF="javascript:Previous()" onMouseOver="window.status=\'\';return true">', '</MAP>'; print "\n"; print '<MAP NAME="js_map2">', ' <AREA SHAPE="rect" COORDS="0,0,59,52" HREF="javascript:Next()" onMouseOver="window.status=\'\';return true">', '</MAP>'; print "\n"; print '<IMG SRC="/tasks/rightarrow.gif" BORDER=0 USEMAP="#js_map2" align="right">'; print "\n"; print '<IMG SRC="/tasks/leftarrow.gif" BORDER=0 USEMAP="#js_map1" align="right">'; print "\n</form></body></html>"; } 
