pmsguy
asked on
How do I run a PHP program to kill a process on Linux? The PHP script needs superuser permission.
I have a web application that needs to run a PHP system command to kill a process.
To kill the process the PHP script needs Linux superuser access.
I do NOT want the user to have to enter the Linux superuser username and password.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Does the PHP script need the superuser access [which is really, really bad]
or
does the user need the superuser access?? [you can follow omarfarid's suggestion]
ASKER
I basically am running a php script to kill a process.
The user needs to be logged in to the admin PHP backend to run this script.
What security issues do you see with this?
Giving root access, especially through a web interface, is one of the most dangerous actions you could take against your system.
> What security issues do you see with this?
There are so many that it is really a nonsense to discuss here. If you google a little bit I'm sure you will find lots of places with large discussions on the topic.
Just the fact that nobody answered with 'a great idea' must cause you to rethink it.
At least, if a remote user is allowed to kill one process, it can kill any other process...
HTH
i
@eager and @ivostoykov are right.
If you want a user to access your server via a PHP script and to kill a process, then you need to give Apache root access, as @ivostoykov said, which is most dangerous. Nobody will tell you to do this,
because if you give Apache root access, then even if you put apache in the sudo file [if you can] and give it access to run the kill command,
then anyone would be able to kill any process on the server.
ASKER
The user will NOT have access to kill any random process. The PHP script will call a bash script that will kill a particular process. The PHP script is only accessible via a login and the PHP script will only execute if certain SESSION variables are set. So what are your comments on any security risks with this scenario?
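An added example, not part of the original thread, of the design discussed above: a root-owned wrapper that stops one specific process and takes no input from the caller, with the broad sudoers rule the replies warn about shown beside a narrow one. The user name `apache`, the daemon name `myworker`, the pidfile and the install path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: web server user "apache",
# daemon "myworker", install path /usr/local/sbin/stop-myworker (root-owned, 0755).
# sudoers entries (edit with visudo):
#   weak:   apache ALL=(root) NOPASSWD: /bin/kill
#           -> the web user can signal any PID on the host
#   narrow: apache ALL=(root) NOPASSWD: /usr/local/sbin/stop-myworker ""
#           -> "" means no arguments allowed, so no caller-chosen PID or signal
# The pidfile must be writable by root only, or the web user can retarget it.
PIDFILE="${PIDFILE:-/var/run/myworker.pid}"
EXPECTED="${EXPECTED:-myworker}"

# Print the PID stored in file $1; reject anything that is not a plain number > 1.
read_pid() {
    [ -r "$1" ] || return 1
    pid=$(head -n 1 "$1")
    case "$pid" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$pid" -gt 1 ] || return 1
    printf '%s\n' "$pid"
}

# Succeed only if PID $1 is currently running a command named $2 (guards
# against a stale pidfile whose PID has been reused by another process).
pid_matches() {
    name=$(cat "/proc/$1/comm" 2>/dev/null) || return 1
    [ "$name" = "$2" ]
}

# Return 0 after sending TERM, 2 for a bad pidfile, 3 for a name mismatch.
stop_worker() {
    target=$(read_pid "$PIDFILE") || { echo "bad pidfile" >&2; return 2; }
    pid_matches "$target" "$EXPECTED" || { echo "PID $target is not $EXPECTED" >&2; return 3; }
    kill -TERM "$target"
}

# Run only when installed under the expected name; takes no input from PHP.
case "$0" in
    */stop-myworker) stop_worker ;;
esac
```

With the narrow rule, the PHP side would call `sudo -n /usr/local/sbin/stop-myworker` as a fixed string, so a compromised session can stop that one daemon and nothing else.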
ASKER
I appreciate everyone's input.
you may use system(cmd, ret_val)
i