I see your point regarding sudo. This opens up a can of security-related
worms. Could anyone suggest a safe, reliable way to authenticate users
via Apache and then execute code as the user to do things like:
* change passwords
* turn off/on vacation
Regards,
Joshua Slive wrote:
On 10/25/05, Gordon Thagard <[EMAIL PROTECTED]> wrote:
After reading the security checks list it seems somewhat clear that only
the apache (perhaps the "nobody" user, as that's how I've set mine) user
can execute cgi or PHP code. I want users to be able to authenticate and
then be able to:
a. change passwords
b. turn off/on vacation via /usr/local/bin/vacation
c. turn off/on spam filtering via adding/removing a pre-written
.mailfilter file into/out of the user's home directory
Is this possible via the User directories usage description above or is
there another way or no way using Apache?
No, this is not a good usage of suexec. You would need to put cgi
scripts in each users home directory to make it work.
You should look into sudo, but be very careful. Allowing access to
regular accounts over the web is a good way to compromise your server.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
