#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2000
    Location
    Walnut, CA, USA
    Posts
    8
    Rep Power
    0
    Hello,

    I'm trying to use the exec() function to call shell scripts that in turn startup various programs under linux.. for example, when someone clicks on a link to restart a particular daemon, the daemon will then simply executed, either through the standalone command of /location/daemon or through the calling of a shell script that essentially performs an identical task.

    My problem is that exec() seems to only work through the user "nobody," which the Apache web server is running under. The scripts and programs I'd like to execute are under a user account named "admin."

    I've even tried chmod'ing all pertinent files w/ permissions that "nobody" could use to successfully access all necessary commands, without success, as the programs seem to crash whenever I do this..

    I realize it'd be a security risk, but would it be possible to use "su" to switch to the "admin" account, and then execute the commands? I couldn't figure out a way to echo back the password to su through exec() or system().. so I failed here, as well..

    Any suggestions would be greatly appreciated!

    Thanks...
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2000
    Location
    Ontario, Canada
    Posts
    498
    Rep Power
    18
    Chances are, you'll have to run Apache as root if you want to be able to do that kinda stuff, and we all know that's probably a bad idea. As for su, you'd have to give 'nobody' suid 0 (wheel) in order to have that become available, and that's still a security risk. I'd say your best bet would be to write a shell script that you call through the php script, something like a middleman, to do the work. Or, you might try to figure a way to do it with Perl... But I'm no perl expert.

    ------------------
    To alcohol! The cause of, and solution to, all of life's problems. -- Homer Simpson
  4. #3
  5. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2000
    Posts
    22
    Rep Power
    0
    The way round it is to have two version of PHP, the second needs to be a CGI and suid to root.
    chmod u+s filename

    Then set up apache so that it calls this version of php using a different extension. Set it up as a virtual host directive. So only you can run it.

    Its still a security risk and a big one at that but it will work. You are probably better to use another program and call it from php but this is just one idea

    Regards
    Darren http://www.php4hosting.com

Similar Threads

  1. PHP locking up with EXEC???
    By Webbywarehouse in forum PHP Development
    Replies: 2
    Last Post: May 17th, 2005, 10:49 PM
  2. Problems with exec()
    By gsoper in forum PHP Development
    Replies: 0
    Last Post: February 13th, 2004, 04:34 AM
  3. "set prompt" using exec or system
    By bln in forum Perl Programming
    Replies: 1
    Last Post: September 15th, 2003, 02:30 PM
  4. exec() on win2k again!
    By binky in forum PHP Development
    Replies: 2
    Last Post: April 22nd, 2002, 08:45 AM
  5. Replies: 0
    Last Post: May 16th, 2001, 04:18 PM

IMN logo majestic logo threadwatch logo seochat tools logo