Community Learn Tools Library Leisure
search
English
Home > Backend Development > PHP Tutorial > body text

How to Execute Root Commands Securely from PHP Applications?

DDD
Release: 2024-11-17 16:03:02
Original
312 people have browsed it

How to Execute Root Commands Securely from PHP Applications?

Execute Root Commands Seamlessly via PHP

Execute root commands securely is a common requirement in web-based applications. In this article, we'll delve into a solution that allows you to execute root commands with restricted user access, enhancing security while meeting functional requirements.

Initially, the approach was to grant the Apache user root privileges. However, this poses serious security risks and is strongly discouraged. Instead, we'll employ a more secure alternative.

Our solution revolves around creating a binary wrapper that will execute our desired commands as root. Here's a step-by-step guide to set this up:

  1. Create a Script with Root Commands:

    Craft a script that contains the root commands you need to execute. For instance, to restart the SSHD service, create a script named php_shell.sh with the following content:

    #!/bin/sh
/sbin/service sshd restart
    Copy after login

  2. Secure Script Permissions:

    Set the owner of php_shell.sh to root and grant write permissions only to the root user:

    chown root php_shell.sh
chmod u=rwx,go=xr php_shell.sh
    Copy after login

  3. Create a Binary Wrapper:

    This binary will execute our php_shell.sh with root privileges. Create a wrapper.c file with the following code:

    #include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

int main (int argc, char *argv[])
{
   setuid (0);
   system ("/bin/sh /path/to/php_shell.sh");
   return 0;
}
    Copy after login

  4. Compile and Set Permissions:

    Compile the wrapper.c file and set the correct permissions, including the suid bit:

    gcc wrapper.c -o php_root
chown root php_root
chmod u=rwx,go=xr,+s php_root
    Copy after login

By following these steps, you'll have a binary wrapper (php_root) that can execute root commands as specified in php_shell.sh. This provides a secure way to execute root commands from your PHP applications without compromising system security.

The above is the detailed content of How to Execute Root Commands Securely from PHP Applications?. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Previous article:Why Do I Get a \"Typed Property Not Initialized\" Error with PHP 7.4 Property Type Hints? Next article:Is Micro-Optimization Worth the Tradeoff Between Readability and Performance?
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
function_exists() cannot determine the custom function Function test () {return true;} if (function_exists ('test')) {echo "test is function...
From 2024-04-29 11:01:01
0
2
1876
How to display the mobile version of Google Chrome Hello teacher, how can I change Google Chrome into a mobile version?
From 2024-04-23 00:22:19
0
10
2042
The child window operates the parent window, but the output does not respond. The first two sentences are executable, but the last sentence cannot be implemented.
From 2024-04-19 15:37:47
0
1
1719
There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...
From 2024-04-18 23:52:34
0
1
1621
Where is the courseware about CSS mind mapping? Courseware
From 2024-04-16 10:10:18
0
0
1633
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template