Agreed. On top of zentara's suggestions, you might consider having a copy of your password file somewhere besides the actual system file, then update it through the web interface and then have a program that is run via cron, etc. that then updates the main system file. That way you could keep system accounts, etc. out of the file that gets updated from the web. The cron script can then do a whole lot of checking and double checking, backing up the file, rollback mechanisms, etc. that you wouldn't want to have being done by the web script. Just my couple of cents....

http://danconia.org
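As an added illustration of the staging-file-plus-cron split suggested above (example code, not from anyone in this thread): the web CGI only appends "username:gecos" lines to a queue file it owns, and this root cron script validates each request, backs up /etc/passwd and only then calls useradd. The paths /var/spool/webusers/pending and /var/backups are assumptions.

```perl
#!/usr/bin/perl
# Cron-side script that applies queued account requests (added example).
# Assumption: the web CGI may only append to $PENDING; everything that
# needs root (validation, backup, useradd) happens here, never in the CGI.
use strict;
use warnings;
use File::Copy qw(copy);

my $PENDING = '/var/spool/webusers/pending';   # assumed queue path
my $BACKUP  = '/var/backups/passwd.' . time;   # assumed backup path

# Returns undef when the request is acceptable, otherwise a reason string.
sub validate_request {
    my ($user, $gecos) = @_;
    return 'bad username' unless defined $user
        && $user =~ /^[a-z_][a-z0-9_-]{0,31}$/;      # portable login names only
    return 'reserved name' if $user =~ /^(root|daemon|bin|sys|adm|nobody)$/;
    my $uid = getpwnam($user);                       # collides with a system account?
    return 'already exists' if defined $uid;
    # GECOS may not carry ':' (passwd field separator) or shell metacharacters.
    return 'bad gecos' if defined $gecos && $gecos =~ /[^\w .,-]/;
    return undef;
}

sub apply_pending {
    my ($file) = @_;
    # Rename first so requests the CGI appends while we run are not lost.
    my $work = "$file.work";
    rename $file, $work or die "rename $file: $!";
    open my $fh, '<', $work or die "open $work: $!";
    my @lines = <$fh>;
    close $fh;
    copy('/etc/passwd', $BACKUP) or die "backup failed: $!";   # rollback point
    for my $line (@lines) {
        chomp $line;
        my ($user, $gecos) = split /:/, $line, 2;
        if (my $why = validate_request($user, $gecos)) {
            warn "skipping '$line': $why\n";
            next;
        }
        # List-form system(): arguments never pass through a shell.
        my @cmd = ('/usr/sbin/useradd', '-m', '-c', $gecos // '', $user);
        system(@cmd) == 0 or warn "useradd $user failed: $?\n";
    }
    unlink $work or warn "unlink $work: $!\n";
}

apply_pending($PENDING) unless caller;
```

Run it from root's crontab; the CGI never needs sudo, and rejected lines show up in the cron mail for review.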

zentara wrote:
On Sun, 8 Dec 2002 02:44:25 -0500, [EMAIL PROTECTED] (Jerry M .
Howell II) wrote:


hello all,

 I am looking for a command and the best way to give a non-superuser
Perl script, i.e., one that will be used in a web form, the ability to add
a user using the standard unix admin tools like useradd. Can anyone
give me some input on this? Can it be done through sudo safely? Is
there a better way? I've heard someone around here mention suexec; would
that work in a web environment safely, or should I look at an alternative
route? If so, what route should I look at?

suexec is an apache addon, which allows the httpd daemon to
run as the user:group of the owner of the /home/public_html directory
who is running it. Apache normally runs as nobody:nogroup or something
similarly under-privileged.  So it's possible to run your cgi program
out of a user's public_html directory with suexec, and then have that
user listed in /etc/sudoers with the useradd program enabled.

This still seems pretty dangerous, but you can make it safer by running
it with a https address. With http, the passwords will be sent in the
clear, and network traffic sniffers will be able to get the username
and password, and use it to add themselves as a user (possibly with
root privileges).

If you don't understand these things, you may be better off using
an existing program, rather than trying to do it yourself. A lot of
people like Webmin or phpMyAdmin.
