#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    3
    Rep Power
    0

    How to execute system calls in php via browser?


    I have a C program that makes a system call (centOS 6.0) to encrypt a file, my code is:

    #include <stdlib.h>
    int main () {
    system ("gpg -c --batch --passphrase mypass file.txt");
    return 0;
    }
    The executable object is called encrypt_file
    When I run ./encrypt_file directly through CLI it runs perfectly I obtain my file.txt.gpg, but when I try to execute it via browser when I get no response. Code in php: shell_exec("./encrypt_file");

    I already changed permissions to apache user by issuing the following:
    chown apache.apache /var/www/html/ And added the next line in /etc/sudoers:
    apache ALL=(ALL) NOPASSWD:ALL

    NOTE: The only command I have issues is gpg, I can make a system call with any other command that I needed to use, I can even run python scripts, and other C programs that doesn't contain anything related to gpg.

    Where can I change the PATH variable that is in use with the apache webserver???

    I hope a fast reply! I need to use a lot this encrypt_file!
  2. #2
  3. Transforming Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,179
    Rep Power
    9398
    Oh my.

    - Why are you giving apache sudo privileges?
    - Are you trying to execute gpg as root? No, but you talk like you are.
    - Why a C program? What's wrong with executing gpg from PHP directly?
    - If you think the PATH may have something to do with it, give the full path to gpg in the command and see if that works.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    3
    Rep Power
    0
    Originally Posted by requinix
    Oh my.

    - Why are you giving apache sudo privileges?
    - Are you trying to execute gpg as root? No, but you talk like you are.
    - Why a C program? What's wrong with executing gpg from PHP directly?
    - If you think the PATH may have something to do with it, give the full path to gpg in the command and see if that works.
    Ok, here's the thing...

    I need to be able to encrypt a file without any prompt, it needs to run in background, and to do so I believe the passphrase needs to be added to the command, but that's something I can't do due to security specifications on my work.
    I already tried adding the full path, nothing.
    No need to say, I'm quite new to PHP and APACHE, but is there a solution to my dilemma only using PHP? because as I said earlier the only system call that is troubling me is gpg...

    Thanks for your answer!
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Cross-posted at stackoverflow and linuxquestions and who-knows-where.

    Is that how companies work nowadays? Let somebody who's new to PHP and GnuPG dabble in cryptography, with the help of three forums? Let's hope this is not our data you're trying to encrypt there.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    3
    Rep Power
    0
    We are a group of three students trying to finish COLLEGE work, is there a problem that we ask in three diferent forums? this forums were recommended to us in hope of some help. There's no need to make wild assumptions on what we're trying to do..
    Still I'd apreciate your help.
  10. #6
  11. Transforming Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,179
    Rep Power
    9398
    Ignore him, he's trolling.

    Unless you specifically need a separate program to launch GPG you can just run the command directly from PHP. You shouldn't need sudo and you should specify the full path to gpg instead of relying on the PATH.

    Try some output redirection.
    Code:
    gpg -c --batch --passphrase mypass file.txt >/tmp/stdout.txt 2>/tmp/stderr.txt
    Execute that command (from PHP) and check the two text files to see what happened.
  12. #7
  13. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Yeah, Damian. Our little friend already solved his problem in the other forums, so you can stop "helping" him.

    Comments on this post

    • requinix disagrees : I don't want to fight you, but if we do then I *will* win
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  14. #8
  15. No Profile Picture
    Dazed&Confused
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2002
    Location
    Tempe, AZ
    Posts
    506
    Rep Power
    128
    In the spirit of closing this topic out with a path to the solution, it looks like he actually found it, himself, here.

IMN logo majestic logo threadwatch logo seochat tools logo