Making httpd su to another user

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
memotype
Forum Newbie
Posts: 5
Joined: Mon Dec 04, 2006 12:45 pm

Making httpd su to another user

Post by memotype »

Is there any way to cause PHP or the httpd to su to another user from PHP? I.e. Prompt the browser for username/password, and use that to su, so that the PHP/httpd instance has the rights to modify that user's files, etc?

Thanks
User avatar
ok
Forum Contributor
Posts: 393
Joined: Wed May 31, 2006 9:20 am
Location: The Holy Land

Post by ok »

Try this (from the Ubuntu forums): http://www.ubuntuforums.org/showthread.php?t=24008
memotype
Forum Newbie
Posts: 5
Joined: Mon Dec 04, 2006 12:45 pm

Post by memotype »

ok wrote:Try this (from the Ubuntu forums): http://www.ubuntuforums.org/showthread.php?t=24008
I don't see how this answers my question... I'm asking how to change users from PHP, it seems like this is a desktop icon or something.
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

You can't. You can have PHP run under different userids for different virtual hosts when it executes CGI scripts but you can't switch at runtime.

To use a different userid for a virtual host you need the apache suexec module and you need to run PHP as CGI for that virtual host.
memotype
Forum Newbie
Posts: 5
Joined: Mon Dec 04, 2006 12:45 pm

Post by memotype »

d11wtq wrote:You can't. You can have PHP run under different userids for different virtual hosts when it executes CGI scripts but you can't switch at runtime.

To use a different userid for a virtual host you need the apache suexec module and you need to run PHP as CGI for that virtual host.
Hmm... would it be possible to run, i.e., "su -c /bin/sh" as a subprocess and feed commands into that from PHP? Or maybe have apache ask for username/password from the browser, and then suexec the PHP file?
User avatar
ok
Forum Contributor
Posts: 393
Joined: Wed May 31, 2006 9:20 am
Location: The Holy Land

Post by ok »

Try your luck on the Linux forum.
Post Reply