通过PHP执行根命令 [英] Execute root commands via PHP
问题描述
我有一个CentOS 5.7 Linux服务器和使用php5.3.x。
I have a CentOS 5.7 linux server and use php5.3.x.
在一个pfSense系统中,可以重新启动服务 - 即使用一个PHP网页需要root权限。
On a pfSense system, you can restart services-that required root permissions using a php web page.
我试图做同样的事情,我已经写了一些PHP code执行shell命令。例如,要重新启动sshd服务:
I'm trying to do something similar, I have written some php code to execute shell commands. For example, to restart the sshd service:
<?php
exec('/sbin/service sshd restart');
?>
和我试图通过执行函数来执行命令,但它需要root权限,但我们有一个Apache用户的权限。
and I tried to execute that command via exec function, but it needs root permission, but we have a apache user authority.
我也接触过几个解决方案:
I have come across a few solutions:
- 用root用户运行Apache
真的不安全。我不想这样做。 - 阿帕奇ALL = NOPASSWD:/ sbin目录/服务到/ etc / sudoers文件
我试过,但仍然有问题。
任何其他解决办法?
感谢您的答案。
Any other solutions? Thanks for answers.
现在..它很有趣。我想@refp后,它的工作我的本地Ubuntu的服务器。但是,当我在cenOS试图同VPS服务器。这不是working.and是Apache的错误日志RM:无法删除'的/ var /锁/ SUBSYS / vsftpd的':权限被拒绝
now.. it's interesting. i tried @refp post and it worked my local ubuntu server. But when i tried same at my cenOS vps server. It's not working.and that is apache's error log "rm: cannot remove `/var/lock/subsys/vsftpd': Permission denied"
推荐答案
的在动手之前,阅读整个后,有要作出的选择。的
1)创建脚本(preferrably .SH ),它包含你想成为跑了作为根的东西。
1) Create a script (preferrably .sh) that contains what you want to be ran as root.
# cat > php_shell.sh <<CONTENT
#!/bin/sh
/sbin/service sshd restart
CONTENT
2)这个文件应该由root所拥有,而且由于它以后会以root权限运行,确保只有root有权限写入文件。
2) This file should be owned by root, and since it will later run with root permissions make sure that only root has permission to write to the file.
# chown root php_shell.sh
# chmod u=rwx,go=xr php_shell.sh
3):要运行脚本根无论什么用户执行它,我们需要一个二进制的包装。创建一个将执行我们的 php_shell.sh 。
3) To run the script as root no matter what user that executes it, we will need a binary wrapper. Create one that will execute our php_shell.sh.
# cat > wrapper.c <<CONTENT
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
int
main (int argc, char *argv[])
{
setuid (0);
/* WARNING: Only use an absolute path to the script to execute,
* a malicious user might fool the binary and execute
* arbitary commands if not.
* */
system ("/bin/sh /path/to/php_shell.sh");
return 0;
}
CONTENT
4)编译并设置适当的权限,包括SUID位(说,它应该以root权限运行):
4) Compile and set proper permissions, including the suid bit (saying that it should run with root privileges):
# gcc wrapper.c -o php_root
# chown root php_root
# chmod u=rwx,go=xr,+s php_root
php_root 现在将使用root权限运行,和执行 php_root.sh 指定的命令。
php_root will now run with root permissions, and execute the commands specified in php_root.sh.
如果您不需要的选项很容易地改变将要执行我建议你直接在 wrapper.c 写的命令下步什么命令 4 。然后,你不需要有一个二进制执行有关执行命令的外部脚本。
If you don't need to the option to easily change what commands that will be executed I'd recommend you to write the commands directly in wrapper.c under step 4. Then you don't need to have a binary executing a external script executing the commands in question.
在 wrapper.c ,使用系统(你的shell命令在这里); 来指定哪些命令你倒是喜欢去执行。
In wrapper.c, use system ("your shell command here"); to specify what commands you'd like to execute.
这篇关于通过PHP执行根命令的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
