Executing shell script within PHP
Question
When we install a program (eg a DBMS), it can be natively run by shell commands; but for running it within PHP, Perl, Python, etc, we need appropriate API/Driver. This may slow down the process and put new limitations (eg CBD does not need to fit within the memory, but using it with CDB_File in Perl needs).
Question 1: Is shell the fastest and best place for running a program (regardless of our application and purpose).
It is common to execute ssh commands within PHP with exec() or shell_exec(). But this is on rare occasion.
Question 2: Is it convinient to mix php codes with shell commands on a regular basis? Creating a long shell script then running it within php by exec("./shell.sh"). Is there any security issue or problematic consideration for this class of web scripting?
Question 3: PHP (and other scripting languages) itself run a shell command to do a process (eg reading a file or connecting to database). Right? Thus, shell command is inevitable via php or direct command?
2 answers
solution1
2 2011-10-13 08:47:56
Question 1: Is shell the fastest and best place for running a program (regardless of our application and purpose).
That depends on whether or not the command-line-interface of that program is the fastest way to interface with that program or not, and if that CLI interface of that program is the best way to run that program. So it depends on the the program. Eg you can execute the Firefox web-browser via the shell, however it's not the best place to use it.
Question 2: Is it convinient [sic!] to mix php codes with shell commands on a regular basis? Creating a long shell script then running it within php by exec("./shell.sh"). Is there any security issue or problematic consideration for this class of web scripting?
What's convenient or not depends on a user's perception when it comes to using shell commands on a regular basis. Naturally as everything that runs on a computer has security implications, this is true for shell scripts as well.
solution2
2 ACCPTED 2011-10-13 09:59:28
In addition to hakre's comments....
It is common to execute ssh commands within PHP with exec() or shell_exec(). But this is on rare occasion.
Leaving aside the glaring oxymoron in the 2 sentences, invoking ssh via exec/shell_exec is a very dumb idea. As a quick hack where you know that key pair authentication is in place, then it will solve the problem - but for more general application you should use proc_open in order to use proper handshaking on the relevant streams - or the ssh2 extension .
Regarding q3, no. Where PHP provides a function, almost inevitably it will be implemented as a native function call by the current process/thread (the only exception I'm aware of is the mail() command on POSIX systems). Using exec, shell_exec, passthru, popen... etc a new process must be created.
Regarding security....since a webserver (and therefore its scripts) run a single uid, there are usually additional constraints placed on access beyond those of the user's permissions and ulimit (eg base_opendir) - but these do not apply to seperate processes. So you cross context into a different security model when you start a new process.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.