Wed 23 Mar 2005--23:05:30--/home/webuser>whoami
root
Wed 23 Mar 2005--23:05:33--/home/webuser>cat test.php
<?php echo exec("whoami")."\n"; ?>
Wed 23 Mar 2005--23:05:36--/home/webuser>php test.php
Content-type: text/html
X-Powered-By: PHP/4.3.9root Wed 23 Mar 2005--23:05:39--/home/webuser>su webuser [EMAIL PROTECTED] ~]$ php test.php Content-type: text/html X-Powered-By: PHP/4.3.9 [EMAIL PROTECTED] ~]$ whoami webuser [EMAIL PROTECTED] ~]$ exit "Jim Poserina" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > The output is: > > OS Error: 127. > > I have a second server that I use as a downtime backup. On that one, all > the scripts work normally. I don't have to give a path for the commands, any > commands with permission problems return "permission denied," and the apache > user (nobody) actually has /sbin/nologin as the shell. > > > "Richard Lynch" <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] > > On Mon, March 21, 2005 8:20 pm, Jim Poserina said: > > > If I run this PHP script: > > > <?php > > > echo '<pre>'; > > > echo exec('whoami'); > > > > The first most biggest thing wrong is that you aren't using the additional > > arguments to exec() to find out what your output is, and if your command > > generated an error. > > > > For starters, I'm betting that at least one of the following is true: > > whoami is not in the $PATH/$path of the PHP user. > > whoami is not executable by the PHP user. > > > > You'll never find out which unless you use the extra args to exec > > > > http://php.net/exec > > > > > echo '</pre>'; > > > ?> > > > > > > from the web, the output is > > > > > > <pre></pre>and from the command line running as the apache > user(webuser), > > > the output is. > > > Content-type: text/html > > > X-Powered-By: PHP/4.3.9 > > > > > > <pre></pre> > > > > EXCELLENT attempt to diagnose this, though! > > > > > But if I run from the command line as root, the output is: > > > > > > Content-type: text/html > > > X-Powered-By: PHP/4.3.9 > > > > > > <pre>root</pre>and from the command line as a user in the root group, > the > > > output is: > > > Content-type: text/html > > > X-Powered-By: PHP/4.3.9 > > > > > > <pre>jimpoz</pre>Safe mode is turned off. As webuser (or any > > > non-root-group > > > user), no shell commands work. Not echo, not ls, not whoami, not touch. > > > And > > > no shell functions work: no exec(), no passthru(), no shell_exec(), no > > > backticks. Every command I'm trying to run is world-readable and > > > world-executable. > > > > But are they in the $path of webuser? > > > > Use the full path to them if they aren't > > > > exec("/bin/whoami", $output, $error); > > if ($error) echo ("OS Error: $error.<br />\n"); > > echo implode("<br />", $output); > > > > > If I turn safe mode on, it gives me a "safe mode is on" warning only > about > > > lines that call shell_exec(), and not for exec() or any of the others. > > > Other > > > than that, it doesn't hang or give any kind of error or anything when it > > > comes to a shell function call; apparently it just ignores them. > > > > No, it tries to run them, and fails, and provides the error messages and > > error number in the variables you aren't using :-) > > > > Some days, I think the PHP Dev Group should just make those arguments to > > exec() required. > > > > -- > > Like Music? > > http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
