> I dont even > know if you can do it any other way with out touching the passwd/shadow > files?
Do you run this for internet or your intranet accounts ? If for internet, try something different (e.g. Courier/IMAP.) If for intranet, and if you have to stay with Pop3, there is no way but to touch the password file. If you don't mind a web-based mail, a possible solution may like this: 1) set up a normal web-based membership service; 2) write a mail filter; 3) catch every email and check if the recipient is in your database, (yes) ? move the mail to the DB : normal mailbox. Well, I think someone's in this maillist may have already such a system and can share their experience. On the other hand, while this has a lot to do with Perl, it has little with mod_Perl. Peter ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, May 19, 2002 1:56 AM Subject: Re: Scripts and passwd > > Hello > > Thanks for the reply. Yes this server is running mod perl :) > > As for risky. Well the whole point of the script system is to add a pop mail > box for a user. But in order to do this i have to do the following: > > add user to the passwd/shadow file > add user to the virtusertable and genericstable > recompile the sendmail config files > > Then and only then is the new mailbox ready for use. This is the only way I > can think of to accomplish this via an automated web proccess. I dont even > know if you can do it any other way with out touching the passwd/shadow > files? > > Thanks! John. > > > You're doing something pretty risky there. the passwd/shadow files are > only > > writable by root. So I suppose that when running them from the command > line > > you run them as root. Apache doesn't run as root (its children which serve > > the requests atleast), so mod_perl (I suppose you *are* using mod_perl? If > > not, this is more appropriate for another newsgroup) won't either. > > > > If you can run your script as CGI, you could use suEXEC. But really, > really > > consider the security implications of what you're doing there before > > allowing users to trash your machine very fast... > > > > > > -- > > Per Einar Ellefsen > > [EMAIL PROTECTED] > > > > > >
