
Help with passthru()

Hi,
I want to implement a Web based System administration page in PHP. I'm
planning to use apache server, mySQL and Ubuntu/debian. Can I
implement it using the functions passthru(), exec() and system()? I
want it to have functions like creating user accounts, changing file
permissions and all that you can do using linux commands. What is the
best way to do it? Can it be done without using perl?
Aug 27 '08 #1
amalprakash3220 wrote:
> Hi,
> I want to implement a Web based System administration page in PHP. I'm
> planning to use apache server, mySQL and Ubuntu/debian. Can I
> implement it using the functions passthru(), exec() and system()? I
> want it to have functions like creating user accounts, changing file
> permissions and all that you can do using linux commands. What is the
> best way to do it? Can it be done without using perl?

You can do it, with the right authority. But you need to be very
careful - one slip and you can open your system to hackers with all
kinds of possibilities.

You might look into webmin - it does much of that already, and is
probably more secure than you (or any one person) would write yourself.
And there are others out there, also (some commercial).

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Aug 27 '08 #2
Jerry Stuckle wrote:
> amalprakash3220 wrote:
>> Hi,
>> I want to implement a Web based System administration page in PHP. I'm
>> planning to use apache server, mySQL and Ubuntu/debian. Can I
>> implement it using the functions passthru(), exec() and system()? I
>> want it to have functions like creating user accounts, changing file
>> permissions and all that you can do using linux commands. What is the
>> best way to do it? Can it be done without using perl?
>
> You can do it, with the right authority.

Can you elaborate on this a bit?

I wanted to run some ImageMagick commands through an exec and ran
into permissions issues. Yet, I could do stuff like ls -al. Is this an
ownership issue or what?

> But you need to be very
> careful - one slip and you can open your system to hackers with all
> kinds of possibilities.
>
> You might look into webmin - it does much of that already,

I don't believe that there is anyone who really understands webmin.
There's a handful of things that I can do in it, but mostly it's
inscrutable. Easier to use a command line. I spent a couple weeks trying
to figure it out and gave up.

I'd like the same thing. Haven't had time yet to learn bash scripting.

Jeff

> and is
> probably more secure than you (or any one person) would write yourself.
> And there are others out there, also (some commercial).
Aug 27 '08 #3
Jeff wrote:
> Jerry Stuckle wrote:
>> amalprakash3220 wrote:
>>> Hi,
>>> I want to implement a Web based System administration page in PHP. I'm
>>> planning to use apache server, mySQL and Ubuntu/debian. Can I
>>> implement it using the functions passthru(), exec() and system()? I
>>> want it to have functions like creating user accounts, changing file
>>> permissions and all that you can do using linux commands. What is the
>>> best way to do it? Can it be done without using perl?
>>
>> You can do it, with the right authority.
>
> Can you elaborate on this a bit?

Just what I said. You need to study up on Unix security and understand
how it works. Then the web server user (if you're using PHP as a
module) must have permission to perform the requested operations.

Alternatively you can allow PHP to change its uid, but that's so
dangerous you shouldn't even think about it.

> I wanted to run some ImageMagick commands through an exec and ran into
> permissions issues. Yet, I could do stuff like ls -al. Is this an
> ownership issue or what?

Ownership and permissions.

>> But you need to be very
>> careful - one slip and you can open your system to hackers with all
>> kinds of possibilities.
>>
>> You might look into webmin - it does much of that already,
>
> I don't believe that there is anyone who really understands webmin.
> There's a handful of things that I can do in it, but mostly it's
> inscrutable. Easier to use a command line. I spent a couple weeks trying
> to figure it out and gave up.

I've been using it for quite a while. While I do most of my
administration from the command line (because I started doing it long
before tools like webmin existed), it does have its uses. And if you're
going to get into system stuff like user administration (which often
requires root access), it's much more secure than a module you do
yourself. I mainly use it when I need to do something but don't have
ssh access available (like when I'm at a client site).

It has its uses.

> I'd like the same thing. Haven't had time yet to learn bash scripting.
>
> Jeff
>
>> and is
>> probably more secure than you (or any one person) would write
>> yourself. And there are others out there, also (some commercial).

System security is nothing to fool with. Even if you know all about it
(which I don't think any one person does), it's still very easy to miss
something. And if a hacker gets it, he can do virtually anything he
wants - from using your server to distribute spam, viruses, etc., to
completely wiping out your server. He can even change your passwords so
you're locked out of your own system. Then it's generally time to wipe
the system and reload it from scratch. A lot of hassle for one small error!

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Aug 27 '08 #4
On Aug 27, 11:58 am, amalprakash3220 <amalprakash3...@gmail.com>
wrote:
> Hi,
> I want to implement a Web based System administration page in PHP. I'm
> planning to use apache server, mySQL and Ubuntu/debian. Can I
> implement it using the functions passthru(), exec() and system()? I
> want it to have functions like creating user accounts, changing file
> permissions and all that you can do using linux commands. What is the
> best way to do it? Can it be done without using perl?

I had a dedicated directory for scripts to be run by the webapp; you
might try looking into setuid to give things just enough permissions
to accomplish what you need or, failing that, use sudo.

I know people will complain it's a security issue (and it is), but
doing system administration over a webserver will never not be a
security risk.

Luckily, in my case, it was a server on our intranet, and I wasn't
doing system administration, I was simply running a few tasks that
couldn't be run as the apache user.

Aug 28 '08 #5
Michael Vilain wrote:
> In article
> <05**********************************@j22g2000hsf.googlegroups.com>,
> fred <fr*******@gmail.com> wrote:
>> On Aug 27, 11:58 am, amalprakash3220 <amalprakash3...@gmail.com>
>> wrote:
>>> Hi,
>>> I want to implement a Web based System administration page in PHP. I'm
>>> planning to use apache server, mySQL and Ubuntu/debian. Can I
>>> implement it using the functions passthru(), exec() and system()? I
>>> want it to have functions like creating user accounts, changing file
>>> permissions and all that you can do using linux commands. What is the
>>> best way to do it? Can it be done without using perl?
>> I had a dedicated directory for scripts to be run by the webapp; you
>> might try looking into setuid to give things just enough permissions
>> to accomplish what you need or, failing that, use sudo.
>>
>> I know people will complain it's a security issue (and it is), but
>> doing system administration over a webserver will never not be a
>> security risk.
>>
>> Luckily, in my case, it was a server on our intranet, and I wasn't
>> doing system administration, I was simply running a few tasks that
>> couldn't be run as the apache user.
>
> Don't use setuid on web scripts! Shame on you for suggesting that
> highly insecure and dangerous idea. Fred's penance is to filter spam on
> the servers for 1 week.
>
> Use cgiwrap to run the scripts as the logged in user rather than the web
> server's ID.
>
> http://cgiwrap.sourceforge.net/
>
> Or better yet, stop re-inventing the wheel and use webmin.

I agree on not doing setuid() for the web server. And cgiwrap will
help, also. But you can also create CLI scripts which do specific
things (one thing per script). That script can then do a setuid() with
a bit of safety.

To do it, you'll need to set the setuid bit for the php executable -
which you don't want to allow for everyone. So I suggest making a copy
of the executable, set the setuid bit on the copy and only use the copy
when you need to do the setuid.

Also, make the pages which call them password protected and only
available via ssl.

It's still not totally secure - but it's as secure as using cgiwrap, and
about as secure as you can get while having things available via the web
server.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Aug 28 '08 #6
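
One way to combine the advice in posts #5 and #6 (a dedicated directory of one-task scripts, reached through sudo rather than a setuid web script), as an added example that is not code from any poster in this thread. The script paths, the sudoers line, the `www-data` user and the function names are assumptions; the array form of proc_open() needs PHP 7.4 or later.

```php
<?php
declare(strict_types=1);

// Assumed sudoers entry (hypothetical paths), one line per permitted script:
//   www-data ALL=(root) NOPASSWD: /usr/local/lib/webadmin/lock-user
// action => [fixed script path, pattern its single argument must match]
const TASKS = [
    'lock-user'   => ['/usr/local/lib/webadmin/lock-user',   '/\A[a-z_][a-z0-9_-]{0,31}\z/'],
    'unlock-user' => ['/usr/local/lib/webadmin/unlock-user', '/\A[a-z_][a-z0-9_-]{0,31}\z/'],
];

// Turn a request into an argv array, or throw. Nothing from the request
// chooses the program, and no string is ever handed to a shell.
function build_task_command(string $action, string $arg): array
{
    if (!array_key_exists($action, TASKS)) {
        throw new InvalidArgumentException('unknown action');
    }
    [$script, $pattern] = TASKS[$action];
    if (preg_match($pattern, $arg) !== 1) {
        throw new InvalidArgumentException('argument rejected');
    }
    // -n: fail instead of prompting for a password; --: end of sudo options
    return ['/usr/bin/sudo', '-n', '--', $script, $arg];
}

// Run the task without a shell (array form of proc_open, PHP >= 7.4).
function run_task(string $action, string $arg): array
{
    $spec = [1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $proc = proc_open(build_task_command($action, $arg), $spec, $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start task');
    }
    $out = stream_get_contents($pipes[1]);
    $err = stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    return ['exit' => proc_close($proc), 'stdout' => $out, 'stderr' => $err];
}

// Constructed requests: the demo only builds commands, so it runs anywhere.
foreach ([['lock-user', 'alice'], ['lock-user', 'alice; id'], ['passwd', 'root']] as [$action, $arg]) {
    try {
        echo implode(' ', build_task_command($action, $arg)), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $action, ' ', json_encode($arg), ' (', $e->getMessage(), ")\n";
    }
}
```

Each wrapper script should validate its argument again on its own side, since sudo makes the script, not the PHP page, the real trust boundary.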
