Date: Tue, 22 Jan 2002 21:49:00 -0800 From: Landon Stewart <landons@uniserve.com> To: Buliwyf McGraw <buliwyf@libertad.univalle.edu.co> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Creating users from the web Message-ID: <3C4E4ECC.1090100@uniserve.com> References: <Pine.BSF.4.43.0201222135470.19439-100000@libertad.univalle.edu.co>
next in thread | previous in thread | raw e-mail | index | archive | help
WebMin is a little more than you need for this perticular task, but you could code something to have commands inserted into a database, including ENCRYPTED passwords, then write a perl script to query the database and run whatever commands and parameters were in the database. After its all done, it would mark it completed and around we go. This way its scaleable (if you expand to more than one server). RELATIVELY secure (you could encrypt the SQL connections if you want to go over a network), and best of all you wouldn't have to run anything as root except your perl script that processes and does the user additions. I wrote an EXTENSIVE "tools" package for an ISP I worked for that allowed staff to add/remove for email/usernames/virtusertable entries as well as do searches etc... OR Go with sudo :-) Buliwyf McGraw wrote: > Hello, i want to build a system to create users from a web interface. > I tried to use the su_exec function of apache but it doesn't support > run programs "as root" or execute setuid programs. > I really need that the system work by the web... i know that it could > be insecure, but anyway, i have to do it. > Any sugestions? > Thanks for any help. > >======================================================================= > Buliwyf McGraw > Administrador del Servidor Libertad > Centro de Servicios de Informacion > Universidad del Valle >======================================================================= > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message > -- Landon Stewart System Administrator Vancouver Pacific Pender Uniserve Online Right of Use: The sender intends this message for a specific recipient and, as it may contain information that is privileged or confidential, any use, dissemination, forwarding, or copying by anyone without permission from the sender is prohibited. Personal e-mail may contain views that are not necessarily those of the company. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C4E4ECC.1090100>