I´ve already made a set of tools for my users like a script to them change their passwords needing only to know the old password of their accounts.
At the time, I had the same problem that you´re talking now. The first thought that occurs is "chmod +s tool_that_i_want_to_use" like you´re saying. I´ve solved the problem using sudo. It allows me to run some programs as others (like setuid), but I can make only one or some users have this kind of permission. It made my solution much more security than allowing all users to run a command with vpopmail´s user id. If this kind of tool really became part of vpopmail, it will be a big step to lots of other people (like me), to develop their own specific solutions. --------- Mensagem Original -------- De: "Gerald Villemure" <[EMAIL PROTECTED]> Para: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> Assunto: [vchkpw] A new tools for vpopmail Data: 23/07/03 05:10 The problem is, how to you get a web server that is running as "nobody" to run commands as vpopmail? The answer has been to set qmailadmin SETUID vpopmail. The problem with that is. What if you want to develop your own front-end in PHP for example? One answer is to introduce a new command in the base distribution of vpopmail which would run SETUID vpopmail which could then be called by whatever front-end you care to design. COMMAND SUMMARY You must authenticate with a valid user/pass for any commands to be executed. Some commands will only execute if the user/pass has admin rights on the domain in question. ________________________________________________ Webmail - 99one Internet Provider
