LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
Search this Thread
Old 04-24-2002, 09:37 AM   #1
BaerRS
Member
 
Registered: Oct 2001
Location: Columbus, Ohio
Distribution: all.. but mainly SuSe--- looks like it changing to Red Hat
Posts: 119

Rep: Reputation: 15
Is their a way to run a command as root..or another user.. in php


Is their a way to run a command as root..or another user.. in php

I know their are a log of security issues with allowing this.. I will tighten down security after I get it to work.

He is what I am trying to do.
I have squid & squid guard set up..

in squids redirect url.. (on the same box).. I would like to modify a checked/domain list (I'm currently doing this manually... though I think I know how to do this ..or at least the book I have does.) after it is modified I need to run the fallowing...

--update--
#!/bin/sh
./squidguard -C all #or a specific db.. but all covers... all
/etc/init.d/squid restart

I can run this as root or as squid..

I did create a test script which just copied some files in the /tmp dir..
--test--
#!/bin/sh
echo "this is a test"
cp /usr/local/httpd/htdocs/Block.html /tmp/Block.html

I can run this.. and it works with the fallowing....

<?php
$command="./test";
system($command);
?>
 
Old 04-24-2002, 10:42 AM   #2
akohlsmith
Member
 
Registered: Apr 2002
Distribution: Slackware
Posts: 114

Rep: Reputation: 15
sudo is your friend here

Sudo should be able to make short work of this problem. 'man sudo' for more help.

Basically it allows you to create a list of commands which may be run as other users by users. with sudo you can allow user 'nobody' (usually what apache runs as) to run squidguard but if someone were to get a shell on your system as nobody (remote exploit, etc.) they would not be able to run any other commands as root.

Unless, that is, they use a local root exploit. :-)
 
Old 04-25-2002, 03:38 PM   #3
Syncrm
Member
 
Registered: Aug 2001
Location: Lansing, Michigan
Distribution: slackware8+
Posts: 472

Rep: Reputation: 30
you also might want to consider scgi-wrappers. they'll allow certain cgi (php) scripts to act as a different user... you have to be the apache admin to install though.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Run PHP shell_exec as root maneeshsethi Linux - General 5 12-30-2008 08:25 AM
how do I make sure that the user that is going to run the script is a root user??? nikold01 Linux - General 3 09-10-2004 08:54 AM
How to run php as root user ??? taqs Programming 2 09-01-2004 06:11 AM
help getting pptp-php-gtk.php to run as root mrtwice Linux - Software 0 11-21-2003 01:49 PM
Hi, How to view user and root run command on linux? dEMax Linux - General 1 09-12-2003 05:22 AM


All times are GMT -5. The time now is 10:10 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration