Here's my situation: I'm working on a PHP application that adds user
accounts to my system. However, the PHP script runs on the webserver,
while the accounts need to be created on a different box, which I'll refer
to as "master". Right now, on "master" I have a script which can create
and destroy directories in /home, and set permissions, etc. The script is
run by a shell_exec(ssh master sudo create $USER). I have
setup the web server user to be able to ssh to master without a password,
and use sudo to run without a password. What I'm worried
about is that any other user able to put up their web page can do the exact
same thing, and delete home dirs. Is there a more secure way to do this?