Don't want php script to execute the shell command as apache user when it is executed through browser?

php apache shell unix webserver

Sudo normally requires an interactive shell to enter your password. That's obviously not going to happen in a PHP script. If you're sure you know what you're doing and you've got your security issues covered, try allowing the Apache user to run sudo without a password, but only for certain commands.

For example, adding the following line in your sudoers file will allow Apache to run sudo without a password, only for the gzip command.

nobody ALL=NOPASSWD: gzip

Adjust the path and add any arguments to suit your needs.

Caution:

There might still be complications due to the way PHP calls shellcommands.
Remember that it's very risky to allow the web server torun commands as root!

Another alternative:

Write a shell script with the suid bit to make it run as root no matter who calls it.

Probably a better alternative:

Write the commands to a queue and have cron pick them up, validate them (only allow known good requests), and run them, then mark that queue complete with the date and result.

Your end-user can then click/wait for update using ajax.

Hope it helps resolve your answer.

CodeHunter

Don't want php script to execute the shell command as apache user when it is executed through browser?

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last