Kirk Bailey <[EMAIL PROTECTED]> wrote: >ok, this one is tough. I am writing 4 scripts- 2 sdevlope webforms, and are >done, no problem. The other two respectively create or destroy email lists. Or >at least that's the goal.
>Sendmail is VERY persnickity about permissions and ownerships for the aliases >files- at least. I have edited sendmail.cf so it compiles from a second >aliases file, aliases.tinylist, which is in /etc/mail, and it reads the file >fine. Note the webscript runs by apache (as nobody) cannot write to the /mail >dir; it bombs at this point. >If I set the dir so other identities can write to it, sendmail get's VERY >upset when I issue the newaliases command. >so either it accepts the file, but I cannot write to it, or I cannot write to >it, but it accepts the file. sigh... >What's a fellow to do? Please advise. There is a good reason for sendmail being fussy. There are serious security concerns with the use of aliases. These are mainly when the alias expansion is either a file path or a command pipe. Your best bet is to have your web application write to a different file. Run a frequent cron job. The cron job should sanitize the data (remove anything with file paths or command pipes), copy to the main aliases file, then run new aliases. -NWR To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
