[PHP] Executing shell commands

[Teren]

Hi, I'm trying to write a front end for something and I want to be able to execute 
shell commands. I tried all of the pre-written functions and non of them would work. I 
setup a user that can sudo and then i set apache to run as that user. So, what I tried 
to do is shell_exec(sudo -s; reboot;); but that didn't work, I also tried other 
numerous variations all of which didn't work (also using exec(), system(), passthru()  
). If any one has any ideas how i can do this, please let me know. Thanks

Teren

Re: [PHP] Executing shell commands

[Robert Cummings]

On Sun, 2003-11-09 at 03:41, Teren wrote:

 Hi, I'm trying to write a front end for something and I want to be able
 to execute shell commands. I tried all of the pre-written functions
 and non of them would work. I setup a user that can sudo and then i
 set apache to run as that user. So, what I tried to do is
 shell_exec(sudo -s; reboot;); but that didn't work, I also tried
 other numerous variations all of which didn't work (also using exec(),
 system(), passthru()  ). If any one has any ideas how i can do this,
 please let me know. Thanks

I believe this has been answered quite recently and the large consensus
was to have a daemon (cron or otherwise) check for some status file or
database entry, which when set it would perform the required function.
So for instance to reboot the machine, perhaps a cron job would check
for the existence of /tmp/myFrontEnd/reboot and if found reboot the
machine. Thus the front end would only need to create the file.

HTH,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Executing shell commands

[Javier Muniz]

Ack! No no no no no! At least put something this critical in a password
protected database, not a place that could possibly be written to by a
malicious user that gains access to an easily-writable directory like /tmp,
the DoS and security ramifications of having a system like this are huge.
Be exceptionally careful, and never pretend that /tmp is a safe place for
data.  If something is being read from /tmp then it should be treated the
same way user-inputted data is, and never trusted.

-Javier

-Original Message-
From: Robert Cummings [mailto:[EMAIL PROTECTED] 
Sent: Sunday, November 09, 2003 12:47 AM
To: Teren
Cc: PHP-General
Subject: Re: [PHP] Executing shell commands


On Sun, 2003-11-09 at 03:41, Teren wrote:

 Hi, I'm trying to write a front end for something and I want to be 
 able to execute shell commands. I tried all of the pre-written 
 functions and non of them would work. I setup a user that can sudo and 
 then i set apache to run as that user. So, what I tried to do is 
 shell_exec(sudo -s; reboot;); but that didn't work, I also tried 
 other numerous variations all of which didn't work (also using exec(), 
 system(), passthru()  ). If any one has any ideas how i can do this, 
 please let me know. Thanks

I believe this has been answered quite recently and the large consensus was
to have a daemon (cron or otherwise) check for some status file or database
entry, which when set it would perform the required function. So for
instance to reboot the machine, perhaps a cron job would check for the
existence of /tmp/myFrontEnd/reboot and if found reboot the machine. Thus
the front end would only need to create the file.

HTH,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  | a 
| powerful, scalable system for accessing system services  | such as 
| forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Executing shell commands

[Robert Cummings]

I did mention database as one of the solutions. The question wasn't
about security so I didn't elaborate.

Cheers,
Rob.

On Sun, 2003-11-09 at 16:45, Javier Muniz wrote:
 Ack! No no no no no! At least put something this critical in a password
 protected database, not a place that could possibly be written to by a
 malicious user that gains access to an easily-writable directory like /tmp,
 the DoS and security ramifications of having a system like this are huge.
 Be exceptionally careful, and never pretend that /tmp is a safe place for
 data.  If something is being read from /tmp then it should be treated the
 same way user-inputted data is, and never trusted.
 
 -Javier
 
 -Original Message-
 From: Robert Cummings [mailto:[EMAIL PROTECTED] 
 Sent: Sunday, November 09, 2003 12:47 AM
 To: Teren
 Cc: PHP-General
 Subject: Re: [PHP] Executing shell commands
 
 
 On Sun, 2003-11-09 at 03:41, Teren wrote:
 
  Hi, I'm trying to write a front end for something and I want to be 
  able to execute shell commands. I tried all of the pre-written 
  functions and non of them would work. I setup a user that can sudo and 
  then i set apache to run as that user. So, what I tried to do is 
  shell_exec(sudo -s; reboot;); but that didn't work, I also tried 
  other numerous variations all of which didn't work (also using exec(), 
  system(), passthru()  ). If any one has any ideas how i can do this, 
  please let me know. Thanks
 
 I believe this has been answered quite recently and the large consensus was
 to have a daemon (cron or otherwise) check for some status file or database
 entry, which when set it would perform the required function. So for
 instance to reboot the machine, perhaps a cron job would check for the
 existence of /tmp/myFrontEnd/reboot and if found reboot the machine. Thus
 the front end would only need to create the file.
 
 HTH,
 Rob.
 -- 
 ..
 | InterJinn Application Framework - http://www.interjinn.com |
 ::
 | An application and templating framework for PHP. Boasting  | a 
 | powerful, scalable system for accessing system services  | such as 
 | forms, properties, sessions, and caches. InterJinn |
 | also provides an extremely flexible architecture for   |
 | creating re-usable components quickly and easily.  |
 `'
 
 -- 
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Executing shell commands

[Javier Muniz]

I realize that, just didn't want to suggest that /tmp was a good solution
instead of a database.  The question is always about security, btw ;)

-Javier

-Original Message-
From: Robert Cummings [mailto:[EMAIL PROTECTED] 
Sent: Sunday, November 09, 2003 5:54 PM
To: Javier Muniz
Cc: Teren; PHP-General
Subject: RE: [PHP] Executing shell commands


I did mention database as one of the solutions. The question wasn't about
security so I didn't elaborate.

Cheers,
Rob.

On Sun, 2003-11-09 at 16:45, Javier Muniz wrote:
 Ack! No no no no no! At least put something this critical in a 
 password protected database, not a place that could possibly be 
 written to by a malicious user that gains access to an easily-writable 
 directory like /tmp, the DoS and security ramifications of having a 
 system like this are huge. Be exceptionally careful, and never pretend 
 that /tmp is a safe place for data.  If something is being read from 
 /tmp then it should be treated the same way user-inputted data is, and 
 never trusted.
 
 -Javier
 
 -Original Message-
 From: Robert Cummings [mailto:[EMAIL PROTECTED]
 Sent: Sunday, November 09, 2003 12:47 AM
 To: Teren
 Cc: PHP-General
 Subject: Re: [PHP] Executing shell commands
 
 
 On Sun, 2003-11-09 at 03:41, Teren wrote:
 
  Hi, I'm trying to write a front end for something and I want to be
  able to execute shell commands. I tried all of the pre-written 
  functions and non of them would work. I setup a user that can sudo and 
  then i set apache to run as that user. So, what I tried to do is 
  shell_exec(sudo -s; reboot;); but that didn't work, I also tried 
  other numerous variations all of which didn't work (also using exec(), 
  system(), passthru()  ). If any one has any ideas how i can do this, 
  please let me know. Thanks
 
 I believe this has been answered quite recently and the large 
 consensus was to have a daemon (cron or otherwise) check for some 
 status file or database entry, which when set it would perform the 
 required function. So for instance to reboot the machine, perhaps a 
 cron job would check for the existence of /tmp/myFrontEnd/reboot and 
 if found reboot the machine. Thus the front end would only need to 
 create the file.
 
 HTH,
 Rob.
 --
 ..
 | InterJinn Application Framework - http://www.interjinn.com |
 ::
 | An application and templating framework for PHP. Boasting  | a
 | powerful, scalable system for accessing system services  | such as 
 | forms, properties, sessions, and caches. InterJinn |
 | also provides an extremely flexible architecture for   |
 | creating re-usable components quickly and easily.  |
 `'
 
 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  | a 
| powerful, scalable system for accessing system services  | such as 
| forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Executing shell commands

[Chris Shiflett]

--- Robert Cummings [EMAIL PROTECTED] wrote:
 I did mention database as one of the solutions. The question wasn't
 about security so I didn't elaborate.

I have done this same thing in the past, because I tend to answer the
question asked and nothing more.

However, recently I have begun trying to not give suggestions or examples
that will create a security vulnerability, as well as warning about them
in the examples provided.

This is based on my belief that people don't always know what questions
they should be asking, combined with my belief that they likely use the
examples or suggestions we provide exactly as stated. As such, I think it
is our responsibility to educate.

I'm not sure if anyone agrees with me, but this is my philosophy.

Chris

=
My Blog
 http://shiflett.org/
HTTP Developer's Handbook
 http://httphandbook.org/
RAMP Training Courses
 http://www.nyphp.org/ramp

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Executing shell commands

[Robert Cummings]

On Mon, 2003-11-10 at 00:34, Chris Shiflett wrote:
 --- Robert Cummings [EMAIL PROTECTED] wrote:
  I did mention database as one of the solutions. The question wasn't
  about security so I didn't elaborate.
 
 I have done this same thing in the past, because I tend to answer the
 question asked and nothing more.
 
 However, recently I have begun trying to not give suggestions or examples
 that will create a security vulnerability, as well as warning about them
 in the examples provided.
 
 This is based on my belief that people don't always know what questions
 they should be asking, combined with my belief that they likely use the
 examples or suggestions we provide exactly as stated. As such, I think it
 is our responsibility to educate.
 
 I'm not sure if anyone agrees with me, but this is my philosophy.

All good points; I'd just like to point out though that the file system
is a viable method, though it does require the directories be set up
with proper ownerships and permissions. That said, yeah the /tmp
directory probably wasn't the best choice for the example :)

Cheers,
Rob.
-- 
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for   |
| creating re-usable components quickly and easily.  |
`'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] executing shell commands.

[Sethi, Samir (IDS DMDS)]

I am executing the following within PHP - 

$system = `/bin/ls 
/dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty | /bin/egrep 
-v server|header|index|report|php|old|title |   /bin/head -$x | /bin/tail
-1 | /bin/awk '{ print $1 }'` ;

$numlin = `/bin/cat 
/dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty/$system | 
/bin/wc -l` ;


The first line resolves correctly for the system name. 

The $numlin does not appear to resolve correctly - appears to be an issues with 
passing the
$system variable in the the second line. Any ideas. Any feedback will be appreciated. 
Thanks.

Samir.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] executing shell commands.

[Douglas Douglas]

Hi!

I'm not sure this could be your problem, but this is
what I see:

$numlin = '/bin/cat 
/dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty/$system
| /bin/wc -l';

I think you should write it like this:

$numlin = /bin/cat 
/dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty/$system
| /bin/wc -l;

I had this kind of problem once and my script wasn't
replacing the variable ($system). It was just writing
$system in the string.

Hope this helps.

Regards, Douglas.

__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] executing shell commands.

[Curt Zirzow]

* Thus wrote Sethi, Samir (IDS DMDS) ([EMAIL PROTECTED]):
 
 I am executing the following within PHP - 
 
 $system = `/bin/ls 
 /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty | /bin/egrep 
 -v server|header|index|report|php|old|title |   /bin/head -$x | /bin/tail
 -1 | /bin/awk '{ print $1 }'` ;
 
 $numlin = `/bin/cat 
 /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty/$system | 
 /bin/wc -l` ;

Any reason your cat'ing the file instead of just runing

/bin/wc -l file


also, what is the contents of $system?  the backticks will expand
variables, my guess is that the first command isn't returning what
you expected.

Curt
-- 
I used to think I was indecisive, but now I'm not so sure.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] executing shell commands.

[Sethi, Samir (IDS DMDS)]

This seems to do the trick - 

$system = `/bin/ls /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/
eqty | /bin/egrep -v server|header|index|report|php|old|title |   /bin/head -$x | /b
in/tail -1 | /bin/awk '{ print $1 }'` ;

$numlin = `/bin/wc -l /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhos
ts/eqty/$system` ;

Thanks.

Samir.


-Original Message-
From: Curt Zirzow [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, September 10, 2003 12:15 PM
To: '[EMAIL PROTECTED]'
Subject: Re: [PHP] executing shell commands.


* Thus wrote Sethi, Samir (IDS DMDS) ([EMAIL PROTECTED]):
 
 I am executing the following within PHP - 
 
 $system = `/bin/ls 
 /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty | /bin/egrep 
 -v server|header|index|report|php|old|title |   /bin/head -$x | /bin/tail
 -1 | /bin/awk '{ print $1 }'` ;
 
 $numlin = `/bin/cat 
 /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty/$system | 
 /bin/wc -l` ;

Any reason your cat'ing the file instead of just runing

/bin/wc -l file


also, what is the contents of $system?  the backticks will expand
variables, my guess is that the first command isn't returning what
you expected.

Curt
-- 
I used to think I was indecisive, but now I'm not so sure.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Executing Shell Commands.

[scott]

Hello,

Does anybody know how to execute a shell command from PHP on a Linux
system?

Thanks,
Scott



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Executing Shell Commands.

[Bryan Brannigan]

I believe something like this would do it:

system('ls -l');


 -Original Message-
 From: scott [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, January 23, 2003 9:06 AM
 To: [EMAIL PROTECTED]
 Subject: [PHP] Executing Shell Commands.
 
 
 Hello,
 
 Does anybody know how to execute a shell command from PHP on a Linux
 system?
 
 Thanks,
 Scott
 
 
 
 -- 
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Executing Shell Commands.

[Chris Hewitt]

scott wrote:


Hello,

Does anybody know how to execute a shell command from PHP on a Linux
system?


exec() and friends.

HTH
Chris



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] Executing Shell Commands.

[John W. Holmes]

 Does anybody know how to execute a shell command from PHP on a Linux
 system?

Yes.

---John Holmes...

PS:
http://homepages.tesco.net/~J.deBoynePollard/FGA/questions-with-yes-or-n
o-answers.html

PSS: http://www.php.net/manual/en/ref.exec.php



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Executing Shell Commands.

[Maxim Maletsky]

Use the execution operator backtricks (``)


?php
echo 'pre';
echo `ls -la`;
?

will throw you the shell's ls -la to the browser

--
Maxim Maletsky
[EMAIL PROTECTED]



scott [EMAIL PROTECTED] wrote... :

 Hello,
 
 Does anybody know how to execute a shell command from PHP on a Linux
 system?
 
 Thanks,
 Scott
 
 
 
 -- 
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Executing Shell Commands.

[Chris Hewitt]

scott wrote:


Thanks Chris,

Could you explain to me how to launch a program from PHP as
another user, such as root? The app that I am trying to launch, apache
does not have rights to. And, it would be to complex of a procedure to
change the ownership on all of the processes that go with it.


The ownership problem is one to consider security on carefully. The way 
I overcome the few scripts that need to be run as another user is to put 
them into my /etc/sudoers file (man sudoers) for the file format, then 
execute sudo script_name (man sudo for details).

This way, only the scripts that need to be run as another user can be 
done. Security is much better than trying to change the webserver user. 
If you are on a shared server, note that not all hosting companies allow 
this.

Maybe others do it differently?

Regards

Chris


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php