[horde] Signup Application
Scot Wilcoxon
scot at wilcoxon.org
Fri Mar 15 06:46:57 PST 2002
> The issue is that to create a system account, you must have root
> privs. ...
> I have yet to find a satisfactory way to add a user via PHP.
Have your PHP script write the info needed for a system account (which I think
is only the username, password, and a full name or comment) in a file. One
item per line, which makes it a three-line file. Have that file be created in
some private directory which the PHP program has proper permissions for, with
some unique name on the file. (advantage: creation request is permanent until
the request is processed, can be archived by moving to a different directory,
and also file creation is atomic so a program can detect if a file by that name
already exists even if two programs are running at the same time)
Some small program with superuser privileges can be started regularly by
crontab. This program only has to look in that directory, read the contents of
a file, check that there are no odd characters in the strings and it is of
reasonable length (protection against tricking the command which is about to be
assembled), and emit the user-creation command (adduser, useradd, whatever).
Then move that file to some archive directory.
The user creation program can run on a nonprivileged account and use 'sudo' to
create the account, so there is another protection by having 'sudo' only allow
user creation by that account. The reason to not have the PHP program do the
creation directly with 'sudo' is simply to filter the request from "outside"
through that very simple data pipe through which it is hard to pass any kind of
attack to the privileged program.
Variations on a theme: use a fifo (named pipe) instead of a file for the data,
use a fifo to wake up the program so it will immediately perform the creation,
send a transaction ID along with the request so the program can report success
or failure of that request.
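The cron-side half of this scheme, as an added example in Python (not code from the list or from the post above): it scans a spool directory, applies strict allow-lists to the three lines, builds the useradd command as an argv list rather than a shell string, and archives each request. It assumes the web tier writes a crypt(3) password hash on line two; the spool and archive paths and the `demo` helper with its stubbed useradd are constructed for this example.

```python
import os
import re
import shutil
import subprocess
import tempfile
# Allow-lists for the three fields; anything outside them is rejected.
USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")
# Assumption: the web tier writes a crypt(3) hash (what useradd -p takes).
PWHASH_RE = re.compile(r"^\$[0-9a-z]+\$[A-Za-z0-9./$=,]{8,200}$")
COMMENT_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9 .'-]{0,63}$")

def parse_request(text):
    """Return (username, pwhash, comment), or None if any check fails."""
    fields = text.splitlines()  # a stray CR, VT or FF changes the line count
    if len(fields) != 3:
        return None
    username, pwhash, comment = fields
    if not (USERNAME_RE.match(username) and PWHASH_RE.match(pwhash)
            and COMMENT_RE.match(comment)):
        return None
    return username, pwhash, comment

def useradd_argv(username, pwhash, comment):
    """Build the command as an argv list; no shell ever parses the fields."""
    return ["useradd", "-m", "-c", comment, "-p", pwhash, username]

def process_spool(spool, archive, run=subprocess.run):
    """Handle each request in `spool`, move it to `archive`, return verdicts."""
    results = []
    for name in sorted(os.listdir(spool)):
        path = os.path.join(spool, name)
        try:
            with open(path, encoding="ascii") as fh:  # non-ASCII rejects too
                fields = parse_request(fh.read())
        except UnicodeDecodeError:
            fields = None
        if fields is not None:
            run(useradd_argv(*fields), check=True)
        shutil.move(path, os.path.join(archive, name))
        results.append((name, "created" if fields else "rejected"))
    return results

def demo(run=lambda argv, check: None):
    """Constructed demo in a temp spool; the useradd call is a no-op stub."""
    spool, archive = tempfile.mkdtemp(), tempfile.mkdtemp()
    for name, body in (("req1", "alice\n$6$salt$hashhash\nAlice Example\n"),
                       ("req2", "bob;extra\n$6$salt$hashhash\nBob\n")):
        with open(os.path.join(spool, name), "w") as fh:
            fh.write(body)
    return process_spool(spool, archive, run)
```

Run `process_spool` from the cron job's own account with the real `subprocess.run`, and keep the spool directory writable only by the web server user and readable by that account.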