From owner-freebsd-questions Fri Dec 13 5:18:45 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1060D37B401 for ; Fri, 13 Dec 2002 05:18:42 -0800 (PST) Received: from euclid.cs.niu.edu (euclid.cs.niu.edu [131.156.145.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7163043EC5 for ; Fri, 13 Dec 2002 05:18:41 -0800 (PST) (envelope-from sendmail+rickert@sendmail.org) Received: from localhost (rickert@localhost [127.0.0.1]) by euclid.cs.niu.edu (8.12.7.Beta1/8.12.7.Beta1) with ESMTP id gBDDIVRt022464; Fri, 13 Dec 2002 07:18:31 -0600 (CST) To: Kirk Bailey Cc: sendmail-questions@sendmail.org, freebsd-questions@freebsd.org Reply-To: sendmail-questions@sendmail.org Subject: Re: automatin the creation/destruction of email lists References: <3DF986D4.7060007@netzero.net> In-Reply-To: Message from Kirk Bailey of "Fri, 13 Dec 2002 02:05:56 EST." <3DF986D4.7060007@netzero.net> Date: Fri, 13 Dec 2002 07:18:31 -0600 Message-ID: <22461.1039785511@euclid.cs.niu.edu> From: Neil W Rickert Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Kirk Bailey wrote: >ok, this one is tough. I am writing 4 scripts- 2 sdevlope webforms, and are >done, no problem. The other two respectively create or destroy email lists. Or >at least that's the goal. >Sendmail is VERY persnickity about permissions and ownerships for the aliases >files- at least. I have edited sendmail.cf so it compiles from a second >aliases file, aliases.tinylist, which is in /etc/mail, and it reads the file >fine. Note the webscript runs by apache (as nobody) cannot write to the /mail >dir; it bombs at this point. >If I set the dir so other identities can write to it, sendmail get's VERY >upset when I issue the newaliases command. >so either it accepts the file, but I cannot write to it, or I cannot write to >it, but it accepts the file. sigh... >What's a fellow to do? Please advise. There is a good reason for sendmail being fussy. There are serious security concerns with the use of aliases. These are mainly when the alias expansion is either a file path or a command pipe. Your best bet is to have your web application write to a different file. Run a frequent cron job. The cron job should sanitize the data (remove anything with file paths or command pipes), copy to the main aliases file, then run new aliases. -NWR To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message