Date: Fri, 13 Dec 2002 07:18:31 -0600 From: Neil W Rickert <sendmail+rickert@sendmail.org> To: Kirk Bailey <idiot1@netzero.net> Cc: sendmail-questions@sendmail.org, freebsd-questions@freebsd.org Subject: Re: automatin the creation/destruction of email lists Message-ID: <22461.1039785511@euclid.cs.niu.edu> In-Reply-To: Message from Kirk Bailey <idiot1@netzero.net> of "Fri, 13 Dec 2002 02:05:56 EST." <3DF986D4.7060007@netzero.net> References: <3DF986D4.7060007@netzero.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Kirk Bailey <idiot1@netzero.net> wrote: >ok, this one is tough. I am writing 4 scripts- 2 sdevlope webforms, and are >done, no problem. The other two respectively create or destroy email lists. Or >at least that's the goal. >Sendmail is VERY persnickity about permissions and ownerships for the aliases >files- at least. I have edited sendmail.cf so it compiles from a second >aliases file, aliases.tinylist, which is in /etc/mail, and it reads the file >fine. Note the webscript runs by apache (as nobody) cannot write to the /mail >dir; it bombs at this point. >If I set the dir so other identities can write to it, sendmail get's VERY >upset when I issue the newaliases command. >so either it accepts the file, but I cannot write to it, or I cannot write to >it, but it accepts the file. sigh... >What's a fellow to do? Please advise. There is a good reason for sendmail being fussy. There are serious security concerns with the use of aliases. These are mainly when the alias expansion is either a file path or a command pipe. Your best bet is to have your web application write to a different file. Run a frequent cron job. The cron job should sanitize the data (remove anything with file paths or command pipes), copy to the main aliases file, then run new aliases. -NWR To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?22461.1039785511>