Sherwood Botsford writes ("Re: [EXIM] Cookbook example of etrn plz?"):
> On Wed, 6 May 1998, Sean Witham wrote:
> = Someone else mentioned the idea of restricted exim admin access to
> = enable a limited subset of options to be available to users. This
> = might also solve my problem.
> =
> = Has anyone else implememtned a solution ?
>
...
> I propose an auxilary program exadmin. Exadmin has a separate configuration
> file stored in the same place that exim.conf is.
This is one of the kind of problems for which I created userv
(`you-serve'), which is
a Unix system facility to allow one program to invoke another
when only limited trust exists between them.
See
http://www.chiark.greenend.org.uk/~ian/userv/.
Using userv you can arrange (for example) for certain users to be able
to invoke mailq or runq or other preset commands as exim (or any other
user, as configured) with only userv configuration. If you want to
`vet' the particular Exim options available you can easily do it with
shell or Perl scripts and userv configuration, and provided you know
how to do argument `unparsing' properly in shell or Perl it will be
secure.
Ian.
--
*** Exim information can be found at
http://www.exim.org/ ***
