LinuxQuestions.org


a7mlinux 08-09-2009 04:18 AM

username and password
 
hi dudes, I have a php interface that contains:
enter username:
enter password:
and I want to save (append) $username and $password in /etc/passwd and /etc/shadow, how can I do this?

karamarisan 08-09-2009 04:33 AM

The program executing your php would have to have root permissions - by design, webservers don't, usually running as their own user with no special access to anything.

This seems like an extraordinarily bad idea - what exactly are you trying to do?

Edit: to clarify, there might be some ugly ways to let this happen other than running apache as root - such as having your php call something which is setuid root - but the point is that you need privileges to edit those files and you're trying to do that from an application that traditionally runs unprivileged for (very sound) security reasons.

a7mlinux 08-09-2009 05:31 AM

I'm trying to design a webmail from scratch, user accounts in the webmail are the same users in system, any idea to do this

karamarisan 08-09-2009 06:00 AM

Heh, that's an ambitious project. Well, as you may have guessed, I recommend you avoid messing with the system users and instead store your own login info. Have you heard of the principle of least privilege? It's a good idea to get that into your head when thinking about software in general, but the significance of it for this project is that unless you can come up with a compelling reason why it's worth giving this program the ability to mess with system users (and potentially creating other vulnerabilities), you shouldn't.

Suggestions: You could use htpasswd, which should already be in place and stores info in regular files stored wherever, or, if you're already interfacing with a database, you could store them there (don't forget to hash your users' passwords!).

Edit: I may be missing you slightly. If you absolutely, absolutely can't avoid using system users, you could look into programming with pam. Dunno about adding - using sudo to let you add a password without a user still presents the problem that a malicious entity could add a user, ssh in, and be one step closer to gaining control of your system.
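An added example (not code from this thread) of the approach recommended above: the webmail keeps its own account store with hashed passwords in a file the web server user can write, so nothing ever needs to touch /etc/passwd or /etc/shadow. The file path and the JSON layout are assumptions.

```php
<?php
// Application-level account store for the webmail frontend.
// Only salted bcrypt hashes are written, never the password itself.
const ACCOUNT_FILE = '/var/lib/webmail/accounts.json'; // assumed location

function loadAccounts(string $path): array {
    if (!is_file($path)) {
        return [];
    }
    $data = json_decode((string) file_get_contents($path), true);
    return is_array($data) ? $data : [];
}

function saveAccounts(string $path, array $accounts): void {
    // Write to a temp file and rename, so a crash mid-write cannot
    // leave a truncated store behind.
    $tmp = $path . '.tmp';
    file_put_contents($tmp, json_encode($accounts, JSON_PRETTY_PRINT), LOCK_EX);
    chmod($tmp, 0600);
    rename($tmp, $path);
}

function registerUser(string $path, string $username, string $password): bool {
    // Restrict usernames so the value is never usable as a shell
    // argument, filename or login name without validation.
    if (!preg_match('/^[a-z][a-z0-9_]{0,31}$/', $username)) {
        return false;
    }
    $accounts = loadAccounts($path);
    if (isset($accounts[$username])) {
        return false; // refuse to overwrite an existing account
    }
    $accounts[$username] = ['hash' => password_hash($password, PASSWORD_DEFAULT)];
    saveAccounts($path, $accounts);
    return true;
}

function verifyUser(string $path, string $username, string $password): bool {
    $accounts = loadAccounts($path);
    // Always run one bcrypt verification, against a dummy hash when the
    // user is unknown, so response time does not reveal which names exist.
    $known = isset($accounts[$username]);
    $hash  = $known ? $accounts[$username]['hash']
                    : password_hash('dummy', PASSWORD_DEFAULT);
    $ok = password_verify($password, $hash);
    return $known && $ok;
}

// Usage (constructed values):
// registerUser(ACCOUNT_FILE, 'alice', 'correct horse');   // true
// verifyUser(ACCOUNT_FILE, 'alice', 'correct horse');     // true
// verifyUser(ACCOUNT_FILE, 'alice', 'wrong');             // false
```

The web server user needs write access only to the directory holding this file, which is the least privilege the feature actually requires.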

a7mlinux 08-09-2009 08:47 AM

the core of my work is using imap with the function:
Code:

$mbox = imap_open("{localhost:143}INBOX", "user_id", "password");
to open inbox, and here the "user_id" and "password" belong to specific system user

chrism01 08-10-2009 01:20 AM

Another option is to store the details in MySQL, but the main point is it's not a good idea to let users create accts in the passwd and shadow files.
As said above, that requires root style privs AND it would also make them a valid user via eg ssh if they manage to get a cxn.

karamarisan 08-10-2009 01:40 AM

Okay - so if you're just building a frontend to an IMAP server, the external server is taking care of authentication and you're just passing credentials through to it. What would 'it' be in this case? If you want people not already on your system to be able to create accounts, you probably want a server that will use its own auth database. I don't have any relevant experience in picking such a thing, but it should be easy to research.

a7mlinux 08-11-2009 05:25 AM

thanks a lot dudes, I know there is a fool security bug when I give the web server root privileges to append the password to /etc/shadow, but in my case I don't care about security concerns, my challenge is to add the password, any help?
thanks in advance

karamarisan 08-11-2009 07:14 AM

If you insist on doing this, look into setuid. You could make a script that runs useradd and passwd for you, setuid root it, and have your php invoke that.

Two final thoughts:
1) You may be fundamentally undermining the security of your system if you do this. It's easy to say you accept the risk now; security is one of those things that never seems like it's worth the effort until after you needed it.
2) One of the consequences of ignoring the rules because you don't feel like following them is that people are often much less willing to help you. Most of the people at places like this who are good and can help are good because they know the rules of how to run a Linux system, and will be less inclined to spend time on people who don't understand why our predecessors came up with them in the first place. One might say you're making the entire Internet a little weaker by needlessly creating a weak link.

zhjim 08-11-2009 07:32 AM

Quote:

Originally Posted by a7mlinux (Post 3639000)
thanks a lot dudes, I know there is a fool security bug when I give the web server root privileges to append the password to /etc/shadow, but in my case I don't care about security concerns, my challenge is to add the password, any help?
thanks in advance

Only a burned baby dreads the fire. So here you go.

on shell:
Create a dir where the webserver has write permission.

inside php:
Create a temporary file with the name and password for the user

inside a cronjob:
look for a file inside the dir and use this information to execute useradd

Or

have apache run as root and do a
PHP Code:

system('/usr/sbin/useradd -p secret username');

Or

have the apache user to be allowed to sudo useradd and do the same as above

Or

Set up a virtual mailer and save the world

http://struction.de/projects/HOWTO_V...ex?set_lang=en


Cheers Zhjim

sabir_mustafa 08-11-2009 08:26 AM

can the "sudo" command be of any help in this whole scenario?

karamarisan 08-11-2009 08:43 AM

From a making-it-happen standpoint, yes. You could allow the user apache runs as to `sudo useradd *` without a password, and it'd have largely the same effect as what I said about using setuid earlier.
From a security standpoint, that doesn't help at all.

zhjim 08-11-2009 09:18 AM

Quote:

Originally Posted by karamarisan
From a security standpoint, that doesn't help at all.

True. The last one of my options, to create a virtual mailer, is the safest. The other three are mere mockups.

a7mlinux 08-11-2009 10:10 AM

Quote:

Originally Posted by karamarisan (Post 3639137)
If you insist on doing this, look into setuid. You could make a script that runs useradd and passwd for you, setuid root it, and have your php invoke that.

Two final thoughts:
1) You may be fundamentally undermining the security of your system if you do this. It's easy to say you accept the risk now; security is one of those things that never seems like it's worth the effort until after you needed it.
2) One of the consequences of ignoring the rules because you don't feel like following them is that people are often much less willing to help you. Most of the people at places like this who are good and can help are good because they know the rules of how to run a Linux system, and will be less inclined to spend time on people who don't understand why our predecessors came up with them in the first place. One might say you're making the entire Internet a little weaker by needlessly creating a weak link.

I know there are a lot of professionals here, but I'm just a beginner here, and am just trying to start with simple things and take them as a base and then do the big step, why don't you take a look at my signature ;-)
I really appreciate your post man

karamarisan 08-11-2009 10:27 AM

It's good that you are experimenting (and if you're interested, I don't think most of us are professionals - I'm certainly not). However, mistakes are usually accidents. We've explained to you why this is a bad idea; what are you going to learn by ignoring that and doing it anyway? Hell, I'd say you'll learn the most by sticking to good practices as soon as you can.

zhjim put it wonderfully: only a burned baby dreads the fire. Don't be the burned baby if you can avoid it. :P

