i think one of us misunderstood your posting ... my suggestion was simply to put a php script in your crontab to be run whenever you set it to go .. if you are writing a php script to update crontab for you as Liam understood your message it is not a good idea ( actually it's a really bad idea :) )
but running a php script versus a bash or perl or whatever script/program is no more a concern than those ( always have security in mind ) On Tue, 2003-03-04 at 13:07, John Taylor-Johnston wrote: > Cal, Liam, Jimmy, > Thanks. If this is a serious security hazard, could you show me some code that is > more secure? I am the "root". Mind you I've never worked with crontab before. I want > to run /var/www/backup_mysql.php I suppose I should start by putting it somewhere > not publicly accessible? > > Thanks, > John > > Liam Gibbs wrote: > > > > Can I run a php script in crontab? > > > Do I echo or print? > > > Anyone doing it? > > > > This is a serious security hazard. However, what you could do is have a PHP > > page set cron settings (such as name of file, location, frequency, and > > importance), then have another cron job (running at a decent frequency) do > > the organization. However, this is still a security flaw, as hackers can > > just take a look at your cron jobs and get in and run their own in place of > > yours. Probably no more a flaw than normal, though, as if a hacker can get > > in to replace your cron job, they can get in and run any number of things > > anyway. Make sure to hard code your cron jobs, as having a downloadable page > > is a bigger security hazard. You don't want the PHP page to do this itself, > > because it will have to run as root. > > > > I did this one time, and if I'm allowed some time to get my page up, I can > > e-mail you some instructions. What you'll need is a PHP page, a txt file > > (for the settings) and a cron job that will read the file and do the > > necessary steps to arrange the cron jobs itself. -- Jimmy Brake <[EMAIL PROTECTED]> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
