[horde] Signup Application

James james at james-web.net
Sat Mar 16 10:11:47 PST 2002


But this really goes beyond the scope of Horde/IMP as it is now, eh?

- James

> -----Original Message-----
> From: Scot Wilcoxon [mailto:scot at wilcoxon.org] 
> Sent: Friday, March 15, 2002 9:47 AM
> To: horde at lists.horde.org
> Subject: RE: [horde] Signup Application
> 
> 
> > The issue is that to create a system account, you must have root 
> > privs. ... I have yet to find a satisfactory way to add a user via 
> > PHP.
> 
> Have your PHP script write the info needed for a system account (which I
> think is only the username, password, and a full name or comment) in a
> file.  One item per line, which makes it a three-line file.  Have that
> file be created in some private directory which the PHP program has
> proper permissions for, with some unique name on the file. (advantage:
> creation request is permanent until the request is processed, can be
> archived by moving to a different directory, and also file creation is
> atomic so a program can detect if a file by that name already exists
> even if two programs are running at the same time)
> 
> Some small program with superuser privileges can be started regularly
> by crontab.  This program only has to look in that directory, read the
> contents of a file, check that there are no odd characters in the
> strings and it is of reasonable length (protection against tricking the
> command which is about to be assembled), and emit the user-creation
> command (adduser, useradd, whatever).  Then move that file to some
> archive directory.
> 
> The user creation program can run on a nonprivileged account and use
> 'sudo' to create the account, so there is another protection by having
> 'sudo' only allow user creation by that account.  The reason to not have
> the PHP program do the creation directly with 'sudo' is simply to filter
> the request from "outside" through that very simple data pipe through
> which it is hard to pass any kind of attack to the privileged program.
> 
> 
> Variations on a theme: use a fifo (named pipe) instead of a file for
> the data, use a fifo to wake up the program so it will immediately
> perform the creation, send a transaction ID along with the request so
> the program can report success or failure of that request.
> 
> -- 
> Horde mailing list: http://horde.org/horde/
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
> 
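The spool-and-validate design Scot sketches above, as an added example that is not code from this thread or from Horde: the web side creates the three-line request file atomically, and the privileged cron side accepts only whitelisted, length-bounded strings before building `useradd` as an argv list (no shell) and archiving the file. The spool and archive directories, the `useradd -m -c` invocation, and the choice to set the password in a separate step rather than on the command line are assumptions of this example.

```python
import os
import re
import shutil
import subprocess

# Whitelists (assumed policy): anything outside them is rejected before a command is built.
USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")
COMMENT_RE = re.compile(r"^[A-Za-z0-9 .'-]{1,64}$")

def write_request(spool_dir, request_id, username, password, fullname):
    """Web side: create the three-line request file; O_EXCL makes creation atomic."""
    path = os.path.join(spool_dir, request_id)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(f"{username}\n{password}\n{fullname}\n")
    return path

def parse_request(text):
    """Privileged side: accept only exactly three lines of bounded, safe strings."""
    lines = text.split("\n")
    if len(lines) != 4 or lines[3] != "":
        raise ValueError("request must be exactly three lines")
    username, password, fullname = lines[:3]
    if not USERNAME_RE.match(username):
        raise ValueError("bad username")
    if not (1 <= len(password) <= 128 and password.isprintable()):
        raise ValueError("bad password")
    if not COMMENT_RE.match(fullname):
        raise ValueError("bad full name")
    return username, password, fullname

def useradd_argv(username, fullname):
    return ["useradd", "-m", "-c", fullname, username]  # argv list: no shell quoting to get wrong

def process_spool(spool_dir, archive_dir, run=None):
    """Cron entry point: validate, run the creation command, then archive each request."""
    run = run or (lambda argv: subprocess.run(argv).returncode)
    results = []
    for name in sorted(os.listdir(spool_dir)):
        path = os.path.join(spool_dir, name)
        with open(path) as fh:
            text = fh.read()
        try:
            username, _password, fullname = parse_request(text)  # password: separate step, e.g. chpasswd
            status = "created" if run(useradd_argv(username, fullname)) == 0 else "useradd failed"
        except ValueError as exc:
            status = f"rejected: {exc}"
        shutil.move(path, os.path.join(archive_dir, name))  # archived, never reprocessed
        results.append((name, status))
    return results
```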