Ack! No no no no no! At least put something this critical in a password protected database, not a place that could possibly be written to by a malicious user that gains access to an easily-writable directory like /tmp, the DoS and security ramifications of having a system like this are huge. Be exceptionally careful, and never pretend that /tmp is a safe place for data. If something is being read from /tmp then it should be treated the same way user-inputted data is, and never trusted.
-Javier -----Original Message----- From: Robert Cummings [mailto:[EMAIL PROTECTED] Sent: Sunday, November 09, 2003 12:47 AM To: Teren Cc: PHP-General Subject: Re: [PHP] Executing shell commands On Sun, 2003-11-09 at 03:41, Teren wrote: > > Hi, I'm trying to write a front end for something and I want to be > able to execute shell commands. I tried all of the pre-written > functions and non of them would work. I setup a user that can sudo and > then i set apache to run as that user. So, what I tried to do is > shell_exec("sudo -s; reboot;"); but that didn't work, I also tried > other numerous variations all of which didn't work (also using exec(), > system(), passthru() ). If any one has any ideas how i can do this, > please let me know. Thanks I believe this has been answered quite recently and the large consensus was to have a daemon (cron or otherwise) check for some status file or database entry, which when set it would perform the required function. So for instance to reboot the machine, perhaps a cron job would check for the existence of /tmp/myFrontEnd/reboot and if found reboot the machine. Thus the front end would only need to create the file. HTH, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | a | powerful, scalable system for accessing system services | such as | forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
