On Thu, 2012-07-19 at 14:24 +0200, Ondrej Valousek wrote:
Well, I guess it should not be a big problem to run 'passwd' or 'kpasswd' (if omitting PAM modules) inside of a CGI or PHP script. Different story/thread though.... :-)
Generally speaking, you want to avoid executing local binaries in externally-facing applications. Security issues and all that.
The LDAP approach can be handled in-process at least.