The problem with doing any of this kind of thing is that somewhere along the line, you have to become root,and root can do any thing he wants and no one can stop him. Big security risk. It's the reason I don't run any extra software on my box I don't have to, especially stuff that has to do things as root, like webmin.
Anywho, the safest way I've found is to make a copy of the adduser command in a directory that ONLY the user that the web server runs as can get to. If you run your web server as nobody, you'll first need to create a user to run it as that actually exists, as nobody is the unix equivalent of a completely unprivaledged account.
I use the username httpd to run the web server. After creating the account look in the httpd.conf file and change the entries for username and group from nobody to httpd.
Then, do something like the following:
mkdir /usr/local/apache/sbin
chown httpd.httpd /usr/local/apache/sbin
chmod 700 /usr/local/apache/sbin/
cp /usr/sbin/newusers /usr/local/apache/sbin/
chown root.root /usr/local/apache/sbin/
chmod 4700 /usr/local/apache/sbin/
Note that the newusers command is a RedHat addon I think, i.e. your machine may not have it. If not, then you can copy adduser and passwd to the /usr/local/apache/sbin directory and make the password with a command like:
exec('echo passwd|passwd username --stdin');
Hope that helps.
