cptnwinky wrote: I'm sorry you think I'm lying; it's a shame, I was just describing the results I got from the above command.
I had no intention to insult you or anything like that. English is not my native language, so if you feel like I should apologize, then I will. I'm sorry!
Now back to the topic:
Code:
vladsun@designer:/$ id
uid=1000(vladsun) gid=1000(vladsun) groups=20(dialout),24(cdrom),25(floppy),29(audio),44(video),46(plugdev),1000(vladsun)
vladsun@designer:/$ ping yahoo.com -c4 -f
PING yahoo.com (68.180.206.184) 56(84) bytes of data.
ping: cannot flood; minimal interval, allowed for user, is 200ms
vladsun@designer:/$ which ping
/bin/ping
vladsun@designer:/$ ls -l /bin/ping
-rwsr-xr-x 1 root root 30736 2007-01-31 01:10 /bin/ping
So, you see: /bin/ping is suid-ed (and that's how it should be in order to have normal users using it), but it still checks if you are really root (by using getuid()) and it refuses to be executed with the -f option. If you are root:
Code:
root@designer:/# ping yahoo.com -c4 -f
PING yahoo.com (206.190.60.37) 56(84) bytes of data.
--- yahoo.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 36ms
rtt min/avg/max/mdev = 126.330/128.406/131.477/1.890 ms, pipe 4, ipg/ewma 12.306/130.151 ms
then there are no problems of course.
That's why one should use sudo for executing this command. And sudo can be configured in such a way that it will not ask for a password. E.g.:
/etc/sudoers
Code:
# sudoers requires absolute command paths; /sbin/ifconfig is assumed here
Cmnd_Alias NETWORKING = /bin/ping, /sbin/ifconfig [0-9]* eth0
root ALL=(ALL) ALL
www-data ALL=NOPASSWD:NETWORKING
So, except for the fact that the Apache user is the owner (parent) of any PHP process executed by requesting a *.php page, it has nothing to do with any system call (like system(), exec(), shell_exec(), etc.). Most important: Apache doesn't know whether your PHP script has used them (with or without a call to sudo).
I think you are mixing up the suexec and sudo stuff.
More evidence for what I'm saying:
Code:
root@designer:/# cat 1.php
<?php
echo system('ping yahoo.com -c4 -f');
root@designer:/# php -q 1.php
PING yahoo.com (68.180.206.184) 56(84) bytes of data.
--- yahoo.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 34ms
rtt min/avg/max/mdev = 207.649/209.201/211.136/1.634 ms, pipe 4, ipg/ewma 11.404/210.283 ms
rtt min/avg/max/mdev = 207.649/209.201/211.136/1.634 ms, pipe 4, ipg/ewma 11.404/210.283 ms
root@designer:/# su www-data
sh-3.1$ php -q 1.php
PING yahoo.com (206.190.60.37) 56(84) bytes of data.
ping: cannot flood; minimal interval, allowed for user, is 200ms
PING yahoo.com (206.190.60.37) 56(84) bytes of data.
Again, my apologies.
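
The real-versus-effective uid check described in the post above, as an added example that is not part of the original post and is not ping's own source. All function and struct names are hypothetical; uid 1000 is the value from the `id` output in the post, and the credential sets are constructed.

```c
/* Added illustration of a setuid binary gating a feature on the real uid. */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

#define MIN_USER_INTERVAL_MS 200 /* limit quoted in ping's error message */

struct creds {
    uid_t ruid; /* who started the process: what getuid() returns */
    uid_t euid; /* what the kernel checks: what geteuid() returns */
};

/* A setuid-root binary runs with euid 0 for every caller, so only the
 * real uid shows whether root invoked it. Flood mode asks for 0 ms. */
int interval_allowed(struct creds c, int interval_ms)
{
    if (c.ruid == 0)
        return 1;
    return interval_ms >= MIN_USER_INTERVAL_MS;
}

/* The mistaken variant: checking euid lets any caller of the suid binary flood. */
int naive_euid_check(struct creds c, int interval_ms)
{
    return c.euid == 0 || interval_ms >= MIN_USER_INTERVAL_MS;
}

/* Constructed credential sets for the cases shown in the post. */
struct creds suid_as_user(uid_t uid) { struct creds c = { uid, 0 }; return c; }
struct creds via_sudo(void)          { struct creds c = { 0, 0 };   return c; }

int main(void)
{
    struct creds me = { getuid(), geteuid() };
    printf("this process: ruid=%d euid=%d flood allowed=%d\n",
           (int)me.ruid, (int)me.euid, interval_allowed(me, 0));
    printf("suid binary run by uid 1000: flood allowed=%d (naive check: %d)\n",
           interval_allowed(suid_as_user(1000), 0),
           naive_euid_check(suid_as_user(1000), 0));
    /* sudo sets both real and effective uid to 0, so the check passes. */
    printf("run through sudo: flood allowed=%d\n",
           interval_allowed(via_sudo(), 0));
    return 0;
}
```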