
Execute a Unix root script

Posted: Tue Jun 07, 2005 11:38 am
by hclima
Hi.
I've a site under PHP and UNIX and I need to run a script which the owner is the root. How can I pass from PHP to the OS the necessary data (root username and password) to run the script as root?

Tks...

Posted: Tue Jun 07, 2005 11:51 am
by timvw
I think you better do it the other way round.... Make sure the www-server user is allowed to execute the things that happen in the script...

Posted: Wed Jun 08, 2005 2:06 am
by hclima
I already thought about that but I have to ask for the root password to the user and to certify that the password is well inserted to guarantee that the user can execute the script (is a System Admin or something like that).

Posted: Fri Jun 10, 2005 11:53 am
by Ambush Commander
If I remember correctly, PHP can execute shell commands if it's not in Safe mode. Use `su` or a similar command and check the output and stuff.

Posted: Fri Jun 10, 2005 5:10 pm
by pickle
What does the script do that it needs to be run as root? It's almost NEVER a good idea to have something that can be run by root, be accessible via a webpage.

Look into sudo, it might give you the ability to execute that script as root, without needing root level access.
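
An added illustration of the sudo approach suggested above (not part of the original thread and not any poster's code): a root-owned wrapper that the web server user may run through sudo, which accepts only allow-listed action names and never a password or free-form command. The sudoers line, the `www-data` user, the `/usr/local/sbin/site-task` path and the two actions are assumptions.

```shell
#!/bin/sh
# Assumed sudoers entry (edit with visudo; user and path are hypothetical):
#   www-data ALL=(root) NOPASSWD: /usr/local/sbin/site-task
# Install root:root, mode 0755, in a directory the web user cannot write to.
# The PHP side would then call: sudo -n /usr/local/sbin/site-task reload-web

# Fixed PATH so nothing is resolved through the caller's environment.
PATH=/usr/sbin:/usr/bin:/sbin:/bin
export PATH

# Allow-list: each action name maps to one fixed command (hypothetical).
action_command() {
    case "$1" in
        reload-web)  echo "/usr/sbin/apachectl graceful" ;;
        rotate-logs) echo "/usr/sbin/logrotate /etc/logrotate.d/site" ;;
        *)           return 1 ;;
    esac
}

# Accept exactly one argument made only of lowercase letters and hyphens,
# and only if it names an allow-listed action.
validate_request() {
    [ "$#" -eq 1 ] || return 1
    case "$1" in
        ""|*[!a-z-]*) return 1 ;;
    esac
    action_command "$1" >/dev/null
}

run_request() {
    if ! validate_request "$@"; then
        logger -t site-task "rejected request from uid ${SUDO_UID:-unknown}" 2>/dev/null
        echo "rejected" >&2
        return 2
    fi
    cmd=$(action_command "$1")
    logger -t site-task "running: $cmd" 2>/dev/null
    # Word splitting is intended: $cmd is a constant from the table above,
    # never text supplied by the caller.
    $cmd
}

# Act only when invoked with arguments, so the functions can be sourced.
if [ "$#" -gt 0 ]; then
    run_request "$@"
fi
```
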

Posted: Fri Jun 10, 2005 6:24 pm
by Chris Corbyn
pickle wrote:
> What does the script do that it needs to be run as root? It's almost NEVER a good idea to have something that can be run by root, be accessible via a webpage.
>
> Look into sudo, it might give you the ability to execute that script as root, without needing root level access.

Agreed. Running scripts with root privileges from a web page :?

On a side-note, although I'd have to suggest the same thing imho,

sudo + web script == disaster!

Posted: Mon Jun 13, 2005 9:48 am
by pickle
sudo + web script == disaster,
root access + web script == FRICKIN' BAD DISASTER

FRICKIN' BAD DISASTER > disaster

:)

Lesser of two evils I guess.

Posted: Mon Jun 13, 2005 10:23 am
by phpScott
If you're hosting it yourself you might be able to get away with it. Make root the owner of the file, then follow some of the other suggestions.

If you have the site hosted somewhere, good luck because any host worth their salt wouldn't even consider the idea of allowing a script to be run as root.

Otherwise I will agree with the man who spends his days in vinegar

Posted: Tue Jun 14, 2005 4:35 pm
by jayloo
This is a recipe for disaster. Do not do it. It's not worth it.

Posted: Tue Jun 14, 2005 5:27 pm
by Chris Corbyn
jayloo wrote:
> This is a recipe for disaster. Do not do it. It's not worth it.

If you do do it then don't wonder "if" it will go wrong... wonder "when" it will go wrong. I can almost guarantee somebody will find it amusing to try and take advantage of this setup regardless of your status.

Posted: Tue Jun 14, 2005 9:27 pm
by Ambush Commander
And when your system is rooted, you cannot trust anything anymore. Best thing is to do a clean reinstall of the OS.