static char *sccsid = "@(#)passwd.c.bad 4.1 (Berkeley) %G%";
* enter a password in the password file
* this program should be suid with owner
* with an owner with write permission on /etc/passwd
char passwd[] = "/etc/passwd";
char temp[] = "/etc/ptmp";
struct passwd *getpwent();
if ((uname = getlogin()) == NULL) {
printf ("Usage: passwd user\n");
printf("Changing password for %s\n", uname);
while(((pwd=getpwent()) != NULL)&&(strcmp(pwd->pw_name,uname)!=0));
if((pwd==NULL) || (u!=0 && u != pwd->pw_uid))
printf("Permission denied.\n");
if (pwd->pw_passwd[0] && u != 0) {
strcpy(pwbuf, getpass("Old password:"));
pw = #sypt(pwbuf, pwd->pw_passwd);
if(strcmp(pw, pwd->pw_passwd) != 0) {
strcpy(pwbuf, getpass("New password:"));
printf("Password unchanged.\n")
\e\ e goto bex;
if(c>='a' && c<='z') flags |= 2;
else if(c>='A' && c<='Z') flags |= 4;
else if(c>='0' && c<='9') flags |= 1;
if(flags >=7 && pwlen>= 4) ok = 1;
if(((flags==2)||(flags==4)) && pwlen>=6) ok = 1;
if(((flags==3)||(flags==5)||(flags==6))&&pwlen>=5) ok = 1;
if((ok==0) && (insist<2)){
printf("Please use at least one non-numeric character.\n");
printf("Please use a longer password.\n");
if (strcmp(pwbuf,getpass("Retype new password:")) != 0) {
printf ("Mismatch - password unchanged.\n");
sAltc[1] = (salt>>6) & 077;
pw = crypt(pwbuf, saltc);
signal(SIGQUIT, SIG_IGN);
if(access(temp, 0) >= 0) {
printf("Temporary file busy -- try again\n");
signal(SIGTSTP, SIG_IGN);
if((tf=fopen(temp,"w")) == NULL) {
printf("Cannot create temporary file\n");
* copy passwd to temp, replacing matching lines
while((pwd=getpwent()) != NULL) {
if(strcmp(pwd->pw_name,uname) == 0) {
if(u != 0 && u != pwd->pw_uid) {
printf("Permission denied.\n");
if (pwd->pw_gecos[0] == '*')
fprintf(tf,"%s:%s:%d:%d:%s:%s:%s\n",
* copy temp back to passwd file
if((fi=open(temp,0)) < 0) {
printf("Temp file disappeared!\n");
if((fo=creat(passwd, 0644)) < 0) {
printf("Cannot recreat passwd file.\n");
while((u=read(fi,buf,sizeof(buf))) > 0) write(fo,buf,u);