NEED HELP! This is my code:
$pubfile="/home/httpd/vhosts/test.com/httpdocs/pubkeys/$subject" ;
$gnupg_path = '/home/httpd/vhosts/test.com/.gnupg';
$gpg = '/usr/bin/gpg';
$cmd = "$gpg --import $pubfile";
I echo the $cmd
usr/bin/gpg --import home/httpd/vhosts/epitmail.com/httpdocs/pubkeys/cl1@test.com.PUB
Just to check it is ok! IT IS the correct syntex and works if I type it in at the command prompt using "putty"
Then I call
exec($cmd);
Nothing Happens!
Any Help would be appreciated!
Importing GNUPG Keys with PHP
Moderator: General Moderators
-
Mike Foster
- Forum Newbie
- Posts: 1
- Joined: Tue Feb 04, 2003 9:30 pm
- Contact:
Perhaps because that the webserver is not running as your user? (usually as www-data or nobody or similar).
You could run it if you make it a suExec script as yourself, or some sort of CGI wrapper..
I don't think it is possible to run gpg as a different user and create the keyrings and import keys... If you have shell access it shouldn't be a problem to just do it that way?
if you do have the gpg keys on the server it is possible to run gnupg to encode data as a different user thanyourself, but it requires some tricks, setting your gnupg directory and the trustdb world writeable, this in itself is not dangerous unless you are using the trustdb to verify signatures etc, but you should still do a quick md5-sum check or similar on the trustdb every time you use it.. if doing something like this I recommend not using ~/.gnupg/ as your dir, select another one with som random letters and stuff (As a users home dir is often no executable/listable by other users on the system).
You could run it if you make it a suExec script as yourself, or some sort of CGI wrapper..
I don't think it is possible to run gpg as a different user and create the keyrings and import keys... If you have shell access it shouldn't be a problem to just do it that way?
if you do have the gpg keys on the server it is possible to run gnupg to encode data as a different user thanyourself, but it requires some tricks, setting your gnupg directory and the trustdb world writeable, this in itself is not dangerous unless you are using the trustdb to verify signatures etc, but you should still do a quick md5-sum check or similar on the trustdb every time you use it.. if doing something like this I recommend not using ~/.gnupg/ as your dir, select another one with som random letters and stuff (As a users home dir is often no executable/listable by other users on the system).