Am 2006-09-05 08:36:21, schrieb Jon Anderson:
> Or create a simple shell/perl/php/whatever wrapper for adduser, and
> allow sudo for that wrapper by the web server user only.
>
> For example, you could create a wrapper that only allows one
> alphanumeric argument for the username, and another for the password.
That would not be POSIX compliant...
A USERNAME must be:
^[A-Za-z_][-_.A-Za-z0-9]*
So the allowed chars should at least:
-_.A-Za-z0-9
But his can be easily checked in PHP.
And ONLY after this passed to your wraper script.
Note: I do this too on a public server and I asume, you know
I have hackattemts, even if you can not know it.
Greetings
Michelle Konzack
Systemadministrator
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSM LinuxMichi
0033/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
