how can I run root commands in php

A discussion from the alt.comp.lang.php forums, part of the PHP Programming Forums category.


#1, 01-03-2008, Miguel Lopes

Hello,
I need to run a command as root to create users on the system for webmail
server.

What is the best way to do this?

Thanks


#2, 01-04-2008, Erwin Moller

Miguel Lopes wrote:
> Hello,
> I need to run a command as root to create users on the system for webmail
> server.
>
> What is the best way to do this?
>
> Thanks
>
>


Hi,

The easy way, adding user PHP (apache, nobody, www-data, whatever) to
sudo, is also very unsafe. So that is a no-go I'd say.

I solved this once in a similar situation as described hereunder.
It is not REAL security, more security-by-obscurity.

1) Make a directory somewhere that has NO directory listing (check chmod
for directories under *nix for details)
2) In this directory, make another directory with an impossible-to-guess
name.
So you end up with something like this:
/home/lopes/public_html/nodirlisting/hjuyERWdklkJ754hjk367LpH
where the directory nodirlisting has no listing rights, so nobody can
find the name of the hjuyERWdklkJ754hjk367LpH directory.
Make hjuyERWdklkJ754hjk367LpH writable for user PHP (e.g. www-data).


3) When you want to add a new user, write some commands to a file, e.g. a
line for each new webmail user, then username, then password, etc.
4) create a cronjob for a user that has access to webmail (I am not sure
if that needs to be root).
Let the cronjob run every minute or so, and if something in the file in
hjuyERWdklkJ754hjk367LpH is found, add that to the webmail.

This is still not 100% safe, since everybody on the machine that can
access the file (e.g. other PHP scripts), but they will have a hard time
guessing the name of the directory.

Security by obscurity. :-)

Maybe somebody has a REAL solid solution.
Regards,
Erwin Moller

#3, 01-04-2008, Miguel Lopes


"Erwin Moller"
<Since_humans_read_this_I_am_spammed_too_much@spam yourself.com> wrote in
message news:477dfd80$0$85792$e4fe514c@news.xs4all.nl...
> Miguel Lopes wrote:
>> Hello,
>> I need to run a command as root to create users on the system for webmail
>> server.
>>
>> What is the best way to do this?
>>
>> Thanks
>>
>>

>
> Hi,
>
> The easy way, adding user PHP (apache, nobody, www-data, whatever) to
> sudo, is also very unsafe. So that is a no-go I'd say.
>
> I solved this once in a similar situation as described hereunder.
> It is not REAL security, more security-by-obscurity.
>
> 1) Make a directory somewhere that has NO directory listing (check chmod
> for directories under *nix for details)
> 2) In this directory, make another directory with an impossible-to-guess
> name.
> So you end up with something like this:
> /home/lopes/public_html/nodirlisting/hjuyERWdklkJ754hjk367LpH
> where the directory nodirlisting has no listing rights, so nobody can find
> the name of the hjuyERWdklkJ754hjk367LpH directory.
> Make hjuyERWdklkJ754hjk367LpH writable for user PHP (e.g. www-data).
>
>
> 3) When you want to add a new user, write some commands to a file, e.g. a
> line for each new webmail user, then username, then password, etc.
> 4) create a cronjob for a user that has access to webmail (I am not sure
> if that needs to be root).
> Let the cronjob run every minute or so, and if something in the file in
> hjuyERWdklkJ754hjk367LpH is found, add that to the webmail.
>
> This is still not 100% safe, since everybody on the machine that can
> access the file (e.g. other PHP scripts), but they will have a hard time
> guessing the name of the directory.
>
> Security by obscurity. :-)
>
> Maybe somebody has a REAL solid solution.
> Regards,
> Erwin Moller


I've been looking at suPHP; has anyone worked with this?



#4, 01-04-2008, Jonas Werres

It is quite easy:
If PHP has root permission, it can run root tasks. And we don't want
that. Really. So Erwin's suggestion is an immensely stupid idea.
The least thing you can do is use sudo restricted to the passwd command.
But do we want PHP to have full access to passwd? No.
I don't even use it to copy some files for maildrop.

So my suggestion is: Let the webserver PHP write into a db or file what's
absolutely necessary. In this case: username and password, I think.

Then run a shell script (or even better a compiled program) with that
information (outside webroot, with cron).
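
The root-side half of the design discussed in #2 and #4 only holds up if the cron job treats the file PHP writes as data and validates every field before acting. The script below is an added example, not code from any poster in this thread; the `username:crypt-hash` line format, the username policy, the 128-character hash limit and the `/usr/sbin/nologin` path are assumptions.

```shell
#!/bin/sh
# Root-side cron worker (added example): each spool line written by PHP is
# untrusted DATA in the form "username:crypt-hash", never a command to run.
LC_ALL=C; export LC_ALL                      # a-z must mean ASCII only

valid_username() {                           # assumed policy: 3-16 chars, [a-z][a-z0-9_]*
    case "$1" in
        root|daemon|bin|sys|www-data|nobody) return 1 ;;   # never touch system accounts
        ""|[!a-z]*|*[!a-z0-9_]*) return 1 ;;
    esac
    [ "${#1}" -ge 3 ] && [ "${#1}" -le 16 ]
}

valid_hash() {                               # assumed format: crypt(3) string, e.g. $6$salt$hash
    case "$1" in
        *[!A-Za-z0-9./\$]*) return 1 ;;      # rejects ':', spaces, shell metacharacters
        \$?*) [ "${#1}" -le 128 ] ;;
        *) return 1 ;;                       # plaintext or empty field
    esac
}

check_request() {                            # sets $user and $hash; 0 only if both are valid
    user=${1%%:*}; hash=${1#*:}
    [ "$user" != "$1" ] || return 1          # line had no colon
    valid_username "$user" && valid_hash "$hash"
}

process_spool() {                            # $1 = spool file, $2 = "apply" to create accounts
    [ -f "$1" ] && [ ! -L "$1" ] || return 1 # refuse symlinks and non-regular files
    added=0; rejected=0
    while IFS= read -r line; do
        if check_request "$line"; then
            if [ "$2" = apply ]; then        # anything else is a dry run
                useradd -m -s /usr/sbin/nologin "$user" &&
                    printf '%s:%s\n' "$user" "$hash" | chpasswd -e   # hash via stdin, not argv
            fi
            added=$((added + 1))
        else
            rejected=$((rejected + 1))       # count only; never echo hostile text back
        fi
    done < "$1"
    echo "$added $rejected"
}

# Constructed sample spool, processed as a dry run (prints "2 3").
demo=$(mktemp)
printf '%s\n' 'alice:$6$saltsalt$abcDEF012./xyz' 'root:$6$saltsalt$abcDEF012./xyz' \
    'bob;id:$6$x$y' 'carol:plaintext' 'eve_01:$6$s$h' > "$demo"
process_spool "$demo"; rm -f "$demo"
```

With this split the web user needs write access to one file outside the webroot and nothing else; root's crontab calls `process_spool` with `apply` as the second argument.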

#5, 01-07-2008, Erwin Moller

Jonas Werres wrote:
> It is quite easy:
> If PHP has root permission, it can run root tasks. And we don't want
> that. Really. So Erwin's suggestion is an immensely stupid idea.


Jonas,

Did you actually read my suggestion?
Or do you shout stuff like this as default behaviour?

Erwin Moller


> The least thing you can do is use sudo restricted to the passwd command.
> But do we want PHP to have full access to passwd? No.
> I don't even use it to copy some files for maildrop.
>
> So my suggestion is: Let the webserver PHP write into a db or file what's
> absolutely necessary. In this case: username and password, I think.
>
> Then run a shell script (or even better a compiled program) with that
> information (outside webroot, with cron).

#6, 01-10-2008, Jonas Werres

> Did you actually read my suggestion?
You wanted to write commands to file by PHP, then run them through a
cronjob. After reading three times, one might see the option, that you
did not mean shell commands but commands for a self-written script.

But in any case, security by obscurity is still an immensely stupid idea,
so there is no use interpreting. If something should not be readable
from the web, don't make it readable. .htaccess might be a good idea.

#7, 01-11-2008, Erwin Moller

Jonas Werres wrote:
>> Did you actually read my suggestion?

> You wanted to write commands to file by PHP, then run them through a
> cronjob. After reading three times, one might see the option, that you
> did not mean shell commands but commands for a self-written script.


So that is your way of saying you didn't understand it the first few
times you read it?
Very mature....

For future reference: If you don't understand a certain line of thought,
it is better to not make a fool of yourself by pretending you do..

>
> But in any case, security by obscurity is still an immensely stupid idea,
> so there is no use interpreting. If something should not be readable
> from the web, don't make it readable. .htaccess might be a good idea.


My suggestion doesn't NEED that the directory is placed in the webroot.
It could be placed in a web-accessible place.

I have still this feeling you don't know how to block a directory listing
on *nix, and thus don't understand what I described.

Have it your way: Miss an opportunity to learn by being a silly egomaniac.

Erwin Moller