php will not execute a shell script

Having trouble getting PHP to kick off a shell script I wrote.
Below is the result of an echo in PHP outputting the $command_string just before I execute exec("$command_string") ;.

/Applications/XAMPP/xamppfiles/htdocs/myapp/AdminFiles/ForBackup/database_and_or_table_dump.sh "DnD" "my_dbname"

If I take that line and paste it into a shell it runs fine.

I've simplified the shell script to just echo "HELLO", and that doesn't work.
Same if I pass no parameters.
So my script isn't running.

WHO does the script run as?  Just curious as I have the perms 777 and that didn't help.

------------
Some of my exec cmd tries:

exec("/bin/bash $command_string") ;
exec("$command_string") ;
exec ($command_string) ;

------------
Release Notes:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

[2014-08-21] XAMPP for OS X 1.8.3-5

This version of XAMPP includes:
    - Updated OpenSSL to 1.0.1g
    - Updated Apache to 2.4.9
    - Updated PHP to 5.5.11
    - phpMyAdmin 4.1.12

MySQL is 5.6.2.0
Asked by: Ralph
 
Dave Baldwin (Fixer of Problems) Commented:
Code running through Apache will only have the permission of the Apache web server.  It will not have your permissions to run shell commands.  Apache is intentionally run under a limited user account to prevent people from doing the kinds of things that you are trying to do.  While it may be irritating on a single user computer, it is vital on a multi-user system where people might sabotage the machine.
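A way to check what the answer above describes, as an added example that is not part of the original thread: it reports which account the PHP process runs as, captures stderr and the exit status so a failing exec() is not silent, and quotes every argument with escapeshellarg(). The helper names run_script and effective_user and the probe script path are assumptions made for illustration.

```php
<?php
// Added example, not code from the thread. Helper names are hypothetical.

// Account the PHP process runs as (under Apache: the web server's user).
function effective_user(): string
{
    if (function_exists('posix_geteuid') && function_exists('posix_getpwuid')) {
        $info = posix_getpwuid(posix_geteuid());
        return $info['name'] ?? (string) posix_geteuid();
    }
    return get_current_user(); // fallback: owner of this .php file, not the process user
}

function run_script(string $script, array $args = []): array
{
    // Report a reason up front instead of letting exec() fail silently.
    $disabled = array_map('trim', explode(',', (string) ini_get('disable_functions')));
    if (in_array('exec', $disabled, true)) {
        return ['ok' => false, 'reason' => 'exec() is listed in disable_functions'];
    }
    if (!is_file($script) || !is_executable($script)) {
        return ['ok' => false, 'reason' => "not executable by the PHP process user: $script"];
    }

    // Quote the path and every argument so a value such as a database
    // name is passed as data and cannot add shell syntax.
    $cmd = escapeshellarg($script);
    foreach ($args as $arg) {
        $cmd .= ' ' . escapeshellarg((string) $arg);
    }

    // exec() captures stdout only; 2>&1 makes errors such as
    // "Permission denied" show up in $output.
    $output = [];
    $status = -1;
    exec($cmd . ' 2>&1', $output, $status);
    return ['ok' => $status === 0, 'status' => $status, 'output' => $output];
}

// Constructed sample input: a throwaway probe script in the temp directory.
$probe = sys_get_temp_dir() . '/exec_probe.sh';
$lines = ['#!/bin/sh', 'echo "script user: $(id -un)"', 'echo "arg1=$1"', ''];
file_put_contents($probe, implode("\n", $lines));
chmod($probe, 0700);

echo 'PHP process user: ', effective_user(), PHP_EOL;
print_r(run_script($probe, ['my_dbname; id'])); // arg1 arrives as one literal string
unlink($probe);
```

Loading the file through Apache and then running it with the php command-line binary shows the two different users, which is why a command can work when pasted into a shell and fail from the web page.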
 
Ralph (Author) Commented:
Thanks Dave,

How then are exec() and its cousins meant to be used?
Any workarounds?
I need to run a non-trivial script, that checks/confirms things, to run mysqldump.
Could PHP run just that command with its parameters?

Thanks again,
Ralph
 
Dave Baldwin (Fixer of Problems) Commented:
"exec()" is mostly useful when running PHP on the command line (in the terminal) where it runs under your own permissions.  Because "exec()" can run any programs that you have permissions for, it is frequently disabled on web hosting servers.
 
Ralph (Author) Commented:
Bad news, you should have prefaced.

Do you have any suggestions?
I know safe_mode is disappearing, so I don't want to go there.

My box and ultimately the DB & Apache server will be dedicated to this php app.

Thank you again,
Ralph
 
Dave Baldwin (Fixer of Problems) Commented:
There is a feature called 'suexec' that is supposed to let you run PHP files in Apache under your own user permissions.  I don't know if it works or is even available for XAMPP on Mac.  Here's the Apache info: http://httpd.apache.org/docs/2.4/suexec.html

Another thing.  XAMPP (and WAMP and MAMP) is not considered secure enough for a 'production' environment with public and thus hacker access.  They are all designed to be 'easy' prototyping and testing environments.
 
Ralph (Author) Commented:
Thanks again Dave.  Yes, mine is a dev box, and the real one will be dedicated to one app.
If I read the literature right, affixing a DIR and providing only limited access to the files should (in my limited understanding of the abilities of crooked-minded people) keep even the real thing safe.  But I'm not the one to make that decision unless they ask me.  THEN I will have to get smart and likely find another way to do this.
 
Dave Baldwin (Fixer of Problems) Commented:
You're welcome.  Security is a full-time problem for publicly exposed web sites and servers.