通过 PHP 执行 root 命令 [英] Execute root commands via PHP

查看:36
本文介绍了通过 PHP 执行 root 命令的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个 CentOS 5.7 linux 服务器并使用 php5.3.x.

I have a CentOS 5.7 linux server and use php5.3.x.

在 pfSense 系统上,您可以使用 php 网页重新启动需要 root 权限的服务.

On a pfSense system, you can restart services-that required root permissions using a php web page.

我正在尝试做类似的事情,我编写了一些 php 代码来执行 shell 命令.比如重启sshd服务:

I'm trying to do something similar, I have written some php code to execute shell commands. For example, to restart the sshd service:

<?php
exec('/sbin/service sshd restart');
?>

我尝试通过 exec 函数执行该命令,但它需要 root 权限,但我们有 apache 用户权限.

and I tried to execute that command via exec function, but it needs root permission, but we have a apache user authority.

我遇到了一些解决方案:

I have come across a few solutions:

  1. 以 root 用户运行 apache"真的不安全.我不想那样做.
  2. "apache ALL=NOPASSWD:/sbin/service 到/etc/sudoers"我试过了,但仍然有问题.

还有其他解决方案吗?感谢您的回答.

Any other solutions? Thanks for answers.

现在..很有趣.我试过@refp 帖子,它在我的本地 ubuntu 服务器上工作.但是当我在我的 cenOS vps 服务器上尝试相同时.它不起作用.那是 apache 的错误日志rm:无法删除`/var/lock/subsys/vsftpd':权限被拒绝"

now.. it's interesting. i tried @refp post and it worked my local ubuntu server. But when i tried same at my cenOS vps server. It's not working.and that is apache's error log "rm: cannot remove `/var/lock/subsys/vsftpd': Permission denied"

推荐答案

在尝试之前阅读整篇文章,有很多选择.

1) 创建一个脚本(最好是 .sh),其中包含您希望以 root 身份运行的内容.

1) Create a script (preferrably .sh) that contains what you want to be ran as root.

# cat > php_shell.sh <<CONTENT
  #!/bin/sh
  /sbin/service sshd restart
CONTENT

2) 这个文件应该归 root 所有,因为它以后会以 root 权限运行,所以请确保只有 root 才有写入文件的权限.

2) This file should be owned by root, and since it will later run with root permissions make sure that only root has permission to write to the file.

# chown root php_shell.sh
# chmod u=rwx,go=xr php_shell.sh

3) 要以 root 身份运行脚本,无论是哪个用户执行它,我们都需要一个二进制包装器.创建一个将执行我们的 php_shell.sh.

3) To run the script as root no matter what user that executes it, we will need a binary wrapper. Create one that will execute our php_shell.sh.

# cat > wrapper.c <<CONTENT
  #include <stdlib.h>
  #include <sys/types.h>
  #include <unistd.h>

  int
  main (int argc, char *argv[])
  {
     setuid (0);

     /* WARNING: Only use an absolute path to the script to execute,
      *          a malicious user might fool the binary and execute
      *          arbitary commands if not.
      * */

     system ("/bin/sh /path/to/php_shell.sh");

     return 0;
   }
CONTENT

4) 编译并设置适当的权限,包括 suid 位(说它应该以 root 权限运行):

4) Compile and set proper permissions, including the suid bit (saying that it should run with root privileges):

# gcc wrapper.c -o php_root
# chown root php_root
# chmod u=rwx,go=xr,+s php_root

php_root 现在将以 root 权限运行,并执行 php_shell.sh 中指定的命令.

php_root will now run with root permissions, and execute the commands specified in php_shell.sh.

如果您不需要选项来轻松更改将要执行的命令,我建议您直接在 wrapper.c 中的步骤 4.然后,您不需要让二进制文件来执行执行相关命令的外部脚本.

If you don't need to the option to easily change what commands that will be executed I'd recommend you to write the commands directly in wrapper.c under step 4. Then you don't need to have a binary executing a external script executing the commands in question.

wrapper.c 中,使用 system ("your shell command here"); 指定您要执行的命令.

In wrapper.c, use system ("your shell command here"); to specify what commands you'd like to execute.

这篇关于通过 PHP 执行 root 命令的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆