Running commands via only certain web scripts

Kevin McCann kmccann at
Fri Jun 27 23:06:49 EDT 2003


Not sure if sudo is the right tool for what I want to do. I am wanting to
execute Mailman commands (bin/lists_lists, bin/new_list, etc.) through a
custom web app. So my PHP application executes commands like so:

    $result = `/usr/local/bin/sudo /usr/local/mailman/bin/list_lists`;

Normally this wouldn't be allowed, but I have my SUDO entry:

    nobody ALL = NOPASSWD: /usr/local/mailman/bin/list_lists

and so the Mailman command gets executed and life is good. However, I don't
want to open things up quite this much. Otherwise anyone with an account on
the web server could write a script to do the same thing, right? I want to
only have a certain PHP script be able to execute the mailman commands. Is
this doable?


More information about the sudo-users mailing list