Limitation of system() in PHP: how can I become superuser?

Status
Not open for further replies.
Hello

If I write the function system("reboot") in PHP on FreeBSD, it will not work. How can I make it work?

Also, if I write PHP code like the following:
Code:
<?php
system("telnet localhost 2601");
?>
the system then needs a password for telnetting to port 2601, for example. How can I give the system the password using PHP functions?
 
anti said:
If I write the function system("reboot") in PHP on FreeBSD, it will not work. How can I make it work?
Install and configure security/sudo.


anti said:
Also, if I write PHP code like the following:
Code:
<?php
system("telnet localhost 2601");
?>
the system then needs a password for telnetting to port 2601, for example. How can I give the system the password using PHP functions?
Use PHP sockets/streams.
 
aragon said:
Install and configure security/sudo.



Use PHP sockets/streams.

Thanks a lot, but it is still not clear how to use the security/sudo port. I have installed security/sudo, but I do not know how to use it. I will be glad if you share your knowledge about sudo with me.
I am waiting for you, please. Thanks. ;)
 
You can type 'visudo' as superuser and it will open the configuration file in $EDITOR.

Adding the line
Code:
ray    rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm
would allow the user ray to run /bin/kill, /bin/ls, and /usr/bin/lprm
as root on the machine rushmore without authenticating himself.
(from man sudoers)

You can generalize this to the user executing the php code and the commands you want to be able to run as that user.

The command should now be executed like
Code:
sudo /bin/kill 1
as that user.
 
Hello tkjacobsen, thanks a lot for your support, but the problem still exists. This message appears when I execute my PHP code.
Code:
www : user NOT authorized on host ; TTY= unknown ; PWD=/usr/local/www/apache22/data; USER=root ; COMMAND=/sbin/reboot
 
I am sorry Moderator!
...

This is my sudoers file

Code:
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
# Failure to use 'visudo' may result in syntax or file permission errors
# that prevent sudo from running.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification
# Uncomment if needed to preserve environmental variables related to the
# FreeBSD pkg_* utilities and fetch.
#Defaults	env_keep += "PKG_PATH PKG_DBDIR PKG_TMPDIR TMPDIR PACKAGEROOT PACKAGESITE PKGDIR FTP_PASSIVE_MODE"

# Additionally uncomment if needed to preserve environmental variables
# related to portupgrade.
#Defaults	env_keep += "PORTSDIR PORTS_INDEX PORTS_DBDIR PACKAGES PKGTOOLS_CONF"

# Runas alias specification

# User privilege specification
root	ALL=(ALL) ALL
ALL     ALL=(ALL) NOPASSWD: ALL
www    ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel	ALL=(ALL) ALL

# Same thing without a password
 %www	ALL=(ALL) NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

Any idea?
 
Remove these:
Code:
ALL     ALL=(ALL) NOPASSWD: ALL
www    ALL=(ALL) ALL
{snip}
 %www	ALL=(ALL) NOPASSWD: ALL

You really, REALLY, do NOT want to give sudo access to www this way.

Now, for just reboot, and ONLY reboot:
Code:
www    ALL=NOPASSWD: /sbin/reboot

You really need to ask yourself what you're doing and why. The way you are moving now will result in a hacked server.
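
The gap between the rules posted earlier in the thread and the single-command rule suggested above can be checked mechanically. This is an added example, not part of any post and not a sudo tool; audit_sudoers and both sample rule sets are constructed for illustration, and only simple one-line rules are parsed.

```shell
#!/bin/sh
# Added example. Assumes one-line rules "who host=(runas) [NOPASSWD:] cmd, cmd";
# aliases, includes and line continuations are not handled.

audit_sudoers() {   # stdin: sudoers text; $1: account PHP runs as (e.g. www)
    awk -v acct="$1" '
    /^[ \t]*#/ || /^[ \t]*$/ || /^[ \t]*Defaults/ { next }  # comments, blanks, Defaults
    {
        who = $1                                   # rules for other users are skipped
        if (who != acct && who != ("%" acct) && who != "ALL") next
        spec = $0
        sub(/^[ \t]*[^ \t]+[ \t]+[^=]*=[ \t]*/, "", spec)   # drop "who host="
        sub(/^\([^)]*\)[ \t]*/, "", spec)                   # drop "(runas)"
        nopw = sub(/^NOPASSWD:[ \t]*/, "", spec)            # 1 if the tag was present
        sub(/[ \t]+$/, "", spec)
        if (spec == "ALL") {
            bad++
            printf "CRITICAL line %d: %s may run any command as root%s\n",
                   NR, who, (nopw ? " with no password" : "")
            next
        }
        n = split(spec, cmd, /[ \t]*,[ \t]*/)
        for (i = 1; i <= n; i++) {
            if (cmd[i] !~ /^\// || cmd[i] ~ /[*?]/) {
                bad++
                printf "REVIEW line %d: %s (alias, relative path or wildcard)\n", NR, cmd[i]
            } else
                printf "OK line %d: %s limited to %s\n", NR, who, cmd[i]
        }
    }
    END { exit (bad > 0) }'
}

sample_before() {   # constructed from the rules posted in the thread
cat <<'EOF'
root    ALL=(ALL) ALL
ALL     ALL=(ALL) NOPASSWD: ALL
www     ALL=(ALL) ALL
 %www   ALL=(ALL) NOPASSWD: ALL
EOF
}
sample_after() {    # constructed: only the single rule suggested in the thread
cat <<'EOF'
root    ALL=(ALL) ALL
www     ALL=NOPASSWD: /sbin/reboot
EOF
}
echo "== as posted =="; sample_before | audit_sudoers www || echo "-> audit failed"
echo "== after fix =="; sample_after  | audit_sudoers www && echo "-> audit passed"
```

The function exits non-zero when any rule reaching the account is broader than a fixed absolute command. Syntax checking is a separate step: visudo -c does that.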
 
SirDice, I did exactly what you told me, but still no effect!

Is it possible that the problem exists because of the PHP code? I don't know!
 
Me neither. Any error messages? /var/log/messages? Apache error log?
 
anti said:
If I write the function system("reboot") in PHP on FreeBSD, it will not work. How can I make it work?

This sounds like trouble. If this is not implemented correctly, you're going to create a nice, dangerous risk for yourself.

Apologies if this suggestion is not useful, but depending on your circumstances and needs, you might want to look into something like Webmin. (You can create a user for the purpose of restarting the server, and then lock down the modules he has access to pretty significantly.)
 
anti said:
SirDice, I did exactly what you told me, but still no effect!

Is it possible that the problem exists because of the PHP code? I don't know!

Have you tried rebooting the machine as www? Command line, not via php code.
 
Yes, nice way to test. Just login as root, then:

Code:
su - www
sudo /sbin/reboot

That should work. If it doesn't, there may still be something wrong with your sudoers file.
 
SirDice said:
Code:
[color="Red"]su - www[/color]
sudo /sbin/reboot

The red command does not work! :x

This is the result of id www:
Code:
uid=80(www)  gid=80(www)  groups=80(www)

Will chsh help?
 
sixtydoses said:
What was the error? How did you create the user www?

I did not create this user (www); I think that the Apache server created it. I know that from the code:
PHP:
<?php

system("whoami");
?>

the output is: www


!!
 
Can a 'shell-less' user actually use sudo? The default shell of user www is usually /usr/sbin/nologin.
 
DutchDaemon said:
Can a 'shell-less' user actually use sudo? The default shell of user www is usually /usr/sbin/nologin.

I think you are right! But can I give www a shell? How?
 
DutchDaemon said:
Can a 'shell-less' user actually use sudo? The default shell of user www is usually /usr/sbin/nologin.

Oh yea sorry, I totally forgot about the www/apache thing. Was treating it like a normal user with the name www. Yea, www's default shell is /usr/sbin/nologin and can't use sudo unless it has a shell.

@anti
You can use the command # chsh to change www's shell, but as mentioned several times in earlier threads, this is not an advisable thing to do in the first place.
 
sixtydoses said:
Oh yea sorry, I totally forgot about the www/apache thing. Was treating it like a normal user with the name www. Yea, www's default shell is /usr/sbin/nologin and can't use sudo unless it has a shell.

@anti
You can use the command # chsh to change www's shell, but as mentioned several times in earlier threads, this is not an advisable thing to do in the first place.

I am asking about that to know whether it is a useful thing to do something like it, I mean giving a shell to www. Does that make sense? So I can execute any command that I need using PHP pages?

By the way, the # chsh command requires that I am already logged on as the www user, but how can I log on to it? I think that www is somehow different from other users. I don't know! x(
 
Run # chsh www as root, and change this:
Code:
Shell: /usr/sbin/nologin

to something like this:
Code:
Shell: /usr/local/bin/bash

Save it.

Then run # su www.
 
It's not a good idea to set it to bash. It's not installed by default. This will most likely result in more errors when the OP takes the advice.
 