Am 2006-09-05 08:36:21, schrieb Jon Anderson:

> Or create a simple shell/perl/php/whatever wrapper for adduser, and 
> allow sudo for that wrapper by the web server user only.
> 
> For example, you could create a wrapper that only allows one 
> alphanumeric argument for the username, and another for the password. 

That would not be POSIX compliant...

A USERNAME must be:

    ^[A-Za-z_][-_.A-Za-z0-9]*

So the allowed chars should at least:

    -_.A-Za-z0-9

But his can be easily checked in PHP.
And ONLY after this passed to your wraper script.

Note:   I do this too on a public server and I asume, you know
        I have hackattemts, even if you can not know it.

Greetings
    Michelle Konzack
    Systemadministrator
    Tamay Dogan Network
    Debian GNU/Linux Consultant


-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack   Apt. 917                  ICQ #328449886
                   50, rue de Soultz         MSM LinuxMichi
0033/6/61925193    67100 Strasbourg/France   IRC #Debian (irc.icq.com)

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to