LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Programming (https://www.linuxquestions.org/questions/programming-9/)
-   -   write a PHP code to run some command as ROOT ??? (https://www.linuxquestions.org/questions/programming-9/write-a-php-code-to-run-some-command-as-root-416309/)

tritong 02-16-2006 09:44 PM
write a PHP code to run some command as ROOT ???
 
I'm trying to write PHP code to run shel command, but there're some command I used must be run AS ROOT.
For example:

Code:
shell_exec("ifconfig eth0 down");
I know the problem is the user apache hasn't root privileges to run it.
Is there any solution ??
Help me.

arsham 02-16-2006 10:06 PM
You can make a daemon that runs under root previlege and waits for a connection from localhost , then run the raw command
this by itself is a security hole

tritong 02-17-2006 12:53 AM
Thanks, but is there another way that's more secure than make a daemon?

arsham 02-17-2006 01:06 AM
you can sit behind xinetd , most of daemons do like this
see man pages for inetd and xinetd
but still I'm not sure about security
I will search for this and will let you know if I find any solution , but keep searching

Regards
Arsham

tritong 02-17-2006 04:30 AM
Thank you Arsham.
I think I can make it a daemon and wait for connection to run sepecific commands but password is required. And the web UI must also need username and password to access it. I may try to secure them by SSL.
But I feel this solution is unsafe. So if there is better solution, please tell me soon.

arsham 02-17-2006 10:07 AM
Kernel doesn't let you to post the root password , I mean you have to sit in front of the computer or ssh/telnet it and open a shell to login as root
you must limit the access of the daemon to localhost , for reson of security

Regards

95se 02-17-2006 10:18 AM
Perhaps this would work... Write a script/program to run the command for you, set the owner to root and as root run chmod 4755 on it. This makes it run as the user who created it, i.e. root.

graemef 02-17-2006 10:35 AM
If you know what the commands are you could set them up in a sudoers file, and then get php to call the command via sudo.

tritong 02-22-2006 01:41 AM
I wrote a C program like this (for test only)
Code:
/* test.c */
#include <sys/types.h>

#include <stdio.h>
#include <pwd.h>
#include <unistd.h>
#include <assert.h>
#include <errno.h>
#include <string.h>

static char* usage="Usage: %s <command> [option] \n";

int err(char *, int);

int main(int argc, char* argv[])
{       
        int max=0,
            check=0;

        if(argc<2)
        {
                printf(usage, argv[0]);
                return 1;
        }
       
        check = seteuid(0);
        if(check)
                return err("Set UID", 1);
        check = setegid(0);
        if(check)
                return err("Set GID", 1);

        if(argc>2)
        {
                max = argc;
                char *argl[max-1];
               
                int i, j=0;
                for(i=1; i<max;i++)
                {
                        argl[j] = malloc(strlen(argv[i]));
                        argl[j] = argv[i];
                        j++;
                }
                argl[j] = NULL;

                check = execvp(argv[1], argl);
                if(check)
                        return err("Run command", 1);
               
                return 0;
        }
        /*else: agrc=2*/
        char *argl[1];
        argl[0] = argv[1];
        argl[1] = NULL;
        check = execvp(argv[1], argl);
        if(check)
                return err("Run command", 1);
return 0;
}

int err(char* mess, int exitCode)
{
        perror(mess);
        return exitCode;
}
Compile it:
Code:
$gcc -o test test.c
Then, I change permission for it (as root):
Code:
$chmod +s test
Then I change to another user right and type
Code:
$test ifconfig eth0 down
It work OK.
But when I run it by PHP
Code:
<?php
shell_exec("test ifconfig eth0 up");
?>
I does nothing ???
Why???

tritong 02-22-2006 02:14 AM
I added apache user to the sudoers too but it's no use!!!
Code:
%apache        ALL=(ALL)      NOPASSWD: ALL

arsham 02-22-2006 03:15 AM
buddy
in your program , listen to a port , then after recieve the proper command , run the command via your daemon ( whick has root access )

then via PHP open a socket and send your command to the program which is listening

regards

tritong 02-22-2006 08:46 PM
I'm doing what you said.
Thanks bro

german 02-22-2006 10:04 PM
it's a good thing nobody in this forum knows how to find tritong's webapp on the internet... it would be pwned in about 3 seconds

tritong 02-22-2006 10:48 PM
This web application is for testing purpose only. So, I'm not afraid of hacking.


All times are GMT -5. The time now is 09:33 PM.