On 06/10/2007, Steve Savery <email@hidden> wrote:
> I have a web site and a mailing list running both running on the same
> Mac OS X Server 10.4 Mac. I would like to enable those who register to
> the web site to simply tick a box on a form to have themselves
> automatically added to the mailing list.
>
> I've done the code, but while I am getting a TRUE response from the
> command sent via PHP, the email address does not get added to the
> mailing list.
>
> Is this a permissions issue? If so, what do I need to change and what,
> if any, security implications are there?
Yes, this is a permissions issue. On Mac OS X, Apache runs as "www"
and Mailman runs as "mailman". Only the mailman user and root can
access/modify the Mailman data store.
sudo is designed for things like that. On the host I was recently
doing this for, where httpd runs as nobody, I added the following rule
to /etc/sudoers:
nobody ALL = (mailman) NOPASSWD: /home/sptowers/mailman_trampoline.sh
Where the shell script does some verification of a shared secret and
is rw-r-x--- sptowers:mailman.
Then from PHP you can "sudo -u mailman
/home/sptowers/mailman_trampoline.sh <args>"
That's about the most secure way I could think of doing it.
-- Finlay
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
