I'm going to hold off changing sudoers until I hear back from Dan and
try the CGI method, but this does seem to make sense. Thanks Finlay.
-Steve
On 07/10/2007, Finlay Dobbie <email@hidden> wrote:
> On 06/10/2007, Steve Savery <email@hidden> wrote:
> > I have a web site and a mailing list running both running on the same
> > Mac OS X Server 10.4 Mac. I would like to enable those who register to
> > the web site to simply tick a box on a form to have themselves
> > automatically added to the mailing list.
> >
> > I've done the code, but while I am getting a TRUE response from the
> > command sent via PHP, the email address does not get added to the
> > mailing list.
> >
> > Is this a permissions issue? If so, what do I need to change and what,
> > if any, security implications are there?
>
> Yes, this is a permissions issue. On Mac OS X, Apache runs as "www"
> and Mailman runs as "mailman". Only the mailman user and root can
> access/modify the Mailman data store.
>
> sudo is designed for things like that. On the host I was recently
> doing this for, where httpd runs as nobody, I added the following rule
> to /etc/sudoers:
>
> nobody ALL = (mailman) NOPASSWD: /home/sptowers/mailman_trampoline.sh
>
> Where the shell script does some verification of a shared secret and
> is rw-r-x--- sptowers:mailman.
>
> Then from PHP you can "sudo -u mailman
> /home/sptowers/mailman_trampoline.sh <args>"
>
> That's about the most secure way I could think of doing it.
>
>
> -- Finlay
>
--
Steve Savery
+44 (0) 7966 621027
Mac user? Visit http://s-mug.com
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
