stackoom
  简体   繁体   中英

What would be a safe way or alt. to run a command as root from php script?

 原文  2016-03-12 02:25:39       php/ bash/ ubuntu/ root

Question

Just as the question says... I've read up a few articles, others says just don't do it, but yet fail to mention a safe way. I know it hazardous to give it sudo access or root, but I was thinking about running a script that has root access through root.

One post was talking about a binary wrapper, but I did not fully understand it when I attempted it and when I tried to do a search to understand I didn't find anything that explain it well.

So, what would be a good-safe way? I don't even need to have a detailed explanation. You can just point me to a good source to start reading.

Thanks.

Specs: Ubuntu Server 14.04

EDIT: Commands I am talking about is mkdir, rmdir with an absolute path. Create user, remove user (which is why I need root) and edit some Apache files for me.

1 answers

solution1
 0 ACCPTED  2016-03-12 02:47:19

They fail to provide a safe way because, IMHO, there isn't one. Or, to put it another way, are you confident that your code that protects the create user and add user functions is cleverer than the hackers code that tries to gain access to your system via the back door you've built?

I can't think of a good reason for a web site to create a new system-level user. Usually web applications run using system users that are created for them by an administrator. The users inside your web site only have meaning for that web site so creating a new web site user gains that user no system privileges at all. That said, it's your call as to whether you need to do it or not.

In those cases where system operations are necessary a common approach is to build a background process that carries out those actions independently of the web site. The web site and that background process communicate via anything that works and is secure - sockets, a shared database, a text file, TCP-IP, etc. That separation allows you to control what actions can be requested and build in the necessary checks and balances. Of course it's not a small job, but you're not the first person to want to do this so I'd look for an existing tool that supports this administration.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question what is the best way to run shell script (with root privilege) via php? Executing root commands from PHP…Is there a safe way? Would like to run a background PHP script from the main PHP script How to run php command but from php script run command as root via php Cake PHP run Console/command from within a module from root Run php script from URL in command line Run Drush command from a PHP script Run php script from command line with variable Run php script from command line endless
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM