Hi,
Subject of my school work:
"Web interface for managing firewall and band on the access server (Linux)"
I have a big problem because I do not know how to safely implement the change in the system and show the logs on the Web page.
Unfortunately, the number of solutions for today is enormous and it is increasingly difficult to me to decide on the right.
They are:
1. Launching a web server with root privileges (the default mode of miniserv'a Webmin)
2. CGI scripts on apache SUID (mode webmin on "foreign" server)
3. suPHP or suexec
4. Cron implements changes to the root
5. Daemon in C "periodically" implement changes in the configuration files created by PHP
6. Daemon in C to implement the changes requested in the configuration files created by PHP
7.Use SSH in PHP and after logging into the root of execution of commands in the configuration files created by PHP (the root password in the DB)
8.Use SSH in PHP and after logging into the root of execution of commands in the configuration files created by PHP (the root password, enter manually)
9. Like the above so that the use of sudo and user rights only to the necessary shell commands
10. Add the user apache in the /etc/sudoers can perform all the necessary applications shell commands
11. Seize the opportunity to command: shell_exec ( `sudo php-f / home /example/script.php`), and /etc/sudoers
(probably a few more options ...)
What should I choose?
(one of the main objectives of the application is simple and it is addressed to support small networks or networks class SO/HO)
sorry for my English, but I never learned this language
Thanks in advance and greet.
web panel to manage iptables and tc - secure the implementation of changes
