Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
hi dudes, I have a php interface contains:
enter username:
enter password:
and I want to save (append) $username and $password in /etc/passwd and /etc/shadow, how can I do this
The program executing your php would have to have root permissions - by design, webservers don't, usually running as their own user with no special access to anything.
This seems like an extraordinarily bad idea - what exactly are you trying to do?
Edit: to clarify, there might be some ugly ways to let this happen other than running apache as root - such as having your php call something which is setuid root - but the point is that you need privileges to edit those files and you're trying to do that from an application that traditionally runs unprivileged for (very sound) security reasons.
Last edited by karamarisan; 08-09-2009 at 04:35 AM.
Heh, that's an ambitious project. Well, as you may have guessed, I recommend you avoid messing with the system users and instead store your own login info. Have you heard of the principle of least privilege? It's a good idea to get that into your head when thinking about software in general, but the significance of it for this project is that unless you can come up with a compelling reason why you it's worth giving this program the ability to mess with system users (and potentially creating other vulnerabilities), you shouldn't.
Suggestions: You could use htpasswd, which should already be in place and stores info in regular files stored wherever, or you if you're already interfacing with a database, you could store them there (don't forget to hash your users' passwords!).
Edit: I may be missing you slightly. If you absolutely, absolutely can't avoid using system users, you could look into programming with pam. Dunno about adding - using sudo to let you add a password without a user still presents the problem that a malicious entity could add a user, ssh in, and be one step closer to gaining control of your system.
Last edited by karamarisan; 08-09-2009 at 06:04 AM.
Another option is to store the details in MySQL, but the main point is its not a good idea to let users create accts in the passwd and shadow files.
As said above, that requires root style privs AND it would also make them a valid user via eg ssh if they manage to get a cxn.
Okay - so if you're just building a frontend to an IMAP server, the external server is taking care of authentication and you're just passing credentials through to it. What would 'it' be in this case? If you want people not already on your system to be able to create accounts, you probably want a server that will use its own auth database. I don't have any relevant experience in picking such a thing, but it should be easy to research.
thanks alot dudes, I know there is a fool security bug when I give the web server root privileges to append the password to /etc/shadow, but in my case I don't care about security concerns, my challenge is to add the password, any help?
thanks in advance
If you insist on doing this, look into setuid. You could make a script that runs useradd and passwd for you, setuid root it, and have your php invoke that.
Two final thoughts:
1) You may be fundamentally undermining the security of your system if you do this. It's easy to say you accept the risk now; security is one of those things that never seems like it's worth the effort until after you needed it.
2) One of the consequences of ignoring the rules because you don't feel like following them is that people are often much less willing to help you. Most of the people at places like this who are good and can help are good because they know the rules of how to run a Linux system, and will be less inclined to spend time on people who don't understand why our predecessors came up with them in the first place. One might say you're making the entire Internet a little weaker by needlessly creating a weak link.
thanks alot dudes, I know there is a fool security bug when I give the web server root privileges to append the password to /etc/shadow, but in my case I don't care about security concerns, my challenge is to add the password, any help?
thanks in advance
Only a burned baby dreads the fire. So here you go.
on shell:
Create a dir where the webserver has write permission.
inside php:
Create a temporary file with the name and password for the user
inside a cronjob:
look for a file inside the dir and use this information to execute useradd
Or
have apache run as root and do a
PHP Code:
system( '/usr/sbin/useradd -p secret username')
Or
have the apache user to be allowed to sudo useradd and do the same as above
From a making-it-happen standpoint, yes. You could allow the user apache runs as to `sudo useradd *` without a password, and it'd have largely the same effect as what I said about using setuid earlier.
From a security standpoint, that doesn't help at all.
If you insist on doing this, look into setuid. You could make a script that runs useradd and passwd for you, setuid root it, and have your php invoke that.
Two final thoughts:
1) You may be fundamentally undermining the security of your system if you do this. It's easy to say you accept the risk now; security is one of those things that never seems like it's worth the effort until after you needed it.
2) One of the consequences of ignoring the rules because you don't feel like following them is that people are often much less willing to help you. Most of the people at places like this who are good and can help are good because they know the rules of how to run a Linux system, and will be less inclined to spend time on people who don't understand why our predecessors came up with them in the first place. One might say you're making the entire Internet a little weaker by needlessly creating a weak link.
I know there are alot of professionals here, but I'm just a beginner here, and am just trying to start with simple things and take them as a base and then do the big step, why you don't take a look at my signature ;-)
I'm realy appreciate your post man
It's good that you are experimenting (and if you're interested, I don't think most of us are professionals - I'm certainly not). However, mistakes are usually accidents. We've explained to you why this is a bad idea; what are you going to learn by ignoring that and doing it anyway? Hell, I'd say you'll learn the most by sticking to good practices as soon as you can.
zhjim put it wonderfully: only a burned baby dreads the fire. Don't be the burned baby if you can avoid it. :P
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.