LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-14-2005, 05:35 AM   #1
haze
LQ Newbie
 
Registered: Feb 2004
Posts: 16

Rep: Reputation: 0
Apache permissions


How do I give Apache permission to run the useradd command?

From what I can gather this is done in the sudoers file and operated via a PHP script.

Does anybody have any working examples?
 
Old 04-15-2005, 04:22 PM   #2
michaelsanford
Member
 
Registered: Feb 2005
Location: Ottawa/Montréal
Distribution: Slackware + Darwin (MacOS X)
Posts: 468

Rep: Reputation: 30
I would be VERY weary at letting apache run useradd, it can get you into a heap of trouble. What's your application? Maybe we can find a better, more secure way of doing it?

To make useradd callable by php you need to chown it, as well as make /etc/shadow and /etc/passwd writeable by the nobody user, which is super dangerous.

And by having that callable by a web page is like hiring a locksmith to sit outside your house and hand out keys to whomever asks for them.

"Why? I only run a little web site on a dynamic IP who cares?" Well, I run a weblog site on my dynamic IP too, and checking /var/log/messages daily I can tell you that I get around 1 *serious* break in attempt per weak, at least; one was brute-force attack from Singapour that lasted 3 weeks!

Paranoia is good.

Last edited by michaelsanford; 04-15-2005 at 04:23 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache permissions RedHatCore Linux - Software 4 08-26-2005 12:35 AM
Apache permissions doing... nothing? wrbob Linux - Software 5 08-22-2005 09:46 AM
apache and permissions dkc_ace Linux - Software 19 01-17-2003 09:38 PM
Apache Permissions Canadian_2k2 Linux - Networking 4 12-02-2002 02:51 PM
apache permissions, maybe? roadie Linux - General 4 06-14-2001 10:52 AM


All times are GMT -5. The time now is 04:55 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration