[SUCS Devel] Sanity of the signup scripts

Andrew Price welshbyte at sucs.org
Tue Jul 10 17:55:50 BST 2007


On 10/07/07 17:25, Chris Jones wrote:
> On 10 Jul 2007, at 16:45, Andrew Price wrote:
> 
>> My slightly less paranoid and more practical self
>> says there should be a separate user adding system that runs as root and
>> just processes validated requests from apache to add users.
> 
> Separate user adding system? run as root? kinda like the
> useradd.apache.ldap script perhaps? ;)

Perhaps, but spawned by a separate system (daemon? cron job?) that isn't
running as apache. As I said, I'm being paranoid, but I intuitively
don't like the idea of apache doing the root work.

> Validated how exactly?

By passing on the signup slip user/pass pair possibly.

>> My lazy self
>> says we should just implement the shell script in a php and use one of
>> those crazy php su systems to get root instead of using sudo. I'd like
>> to hear more opinions of how to do this in the least kludgy way possible.
> 
> Seriously, why?

Because kludges are bad? More flexibility? Reduce the amount of places
the ldap password is kept in plain text, perhaps... Previous
conversations have certainly led me to believe the current system needs
an overhaul.

> What's wrong with using sudo like the current system?

See above. I'm probably just being paranoid/careful, and that's why I
asked for comments. But if you're sure that the current system's
security is sturdy enough and doesn't need to be improved on then that's
my concerns put to rest and less work for me to do.

Security reviews ftw ;)

--
Andy Price




More information about the Devel mailing list