Background: I am writing a script for a company that will allow users to create FTP accounts through a web interface. In the background, the script must run a bunch of commands:
- Add the user to the system (useradd)
- Open and edit various files
- mail the user via sendmail
and a few other things...
I'm basically looking for the most secure way of doing this. I've heard of the setuid method, the sudo method, and of course, running httpd as a priviledged user. There will be sanity checks on the data entered of course before any commands are executed (ie. only alphanumeric characters in usernames)
What is the method used by the popular scripts out there (webmin for example), as it must be fairly secure?