[PHP] Executing shell commands
Hi, I'm trying to write a front end for something and I want to be able to execute shell commands. I tried all of the pre-written functions and non of them would work. I setup a user that can sudo and then i set apache to run as that user. So, what I tried to do is shell_exec(sudo -s; reboot;); but that didn't work, I also tried other numerous variations all of which didn't work (also using exec(), system(), passthru() ). If any one has any ideas how i can do this, please let me know. Thanks Teren
Re: [PHP] Executing shell commands
On Sun, 2003-11-09 at 03:41, Teren wrote: Hi, I'm trying to write a front end for something and I want to be able to execute shell commands. I tried all of the pre-written functions and non of them would work. I setup a user that can sudo and then i set apache to run as that user. So, what I tried to do is shell_exec(sudo -s; reboot;); but that didn't work, I also tried other numerous variations all of which didn't work (also using exec(), system(), passthru() ). If any one has any ideas how i can do this, please let me know. Thanks I believe this has been answered quite recently and the large consensus was to have a daemon (cron or otherwise) check for some status file or database entry, which when set it would perform the required function. So for instance to reboot the machine, perhaps a cron job would check for the existence of /tmp/myFrontEnd/reboot and if found reboot the machine. Thus the front end would only need to create the file. HTH, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Executing shell commands
Ack! No no no no no! At least put something this critical in a password protected database, not a place that could possibly be written to by a malicious user that gains access to an easily-writable directory like /tmp, the DoS and security ramifications of having a system like this are huge. Be exceptionally careful, and never pretend that /tmp is a safe place for data. If something is being read from /tmp then it should be treated the same way user-inputted data is, and never trusted. -Javier -Original Message- From: Robert Cummings [mailto:[EMAIL PROTECTED] Sent: Sunday, November 09, 2003 12:47 AM To: Teren Cc: PHP-General Subject: Re: [PHP] Executing shell commands On Sun, 2003-11-09 at 03:41, Teren wrote: Hi, I'm trying to write a front end for something and I want to be able to execute shell commands. I tried all of the pre-written functions and non of them would work. I setup a user that can sudo and then i set apache to run as that user. So, what I tried to do is shell_exec(sudo -s; reboot;); but that didn't work, I also tried other numerous variations all of which didn't work (also using exec(), system(), passthru() ). If any one has any ideas how i can do this, please let me know. Thanks I believe this has been answered quite recently and the large consensus was to have a daemon (cron or otherwise) check for some status file or database entry, which when set it would perform the required function. So for instance to reboot the machine, perhaps a cron job would check for the existence of /tmp/myFrontEnd/reboot and if found reboot the machine. Thus the front end would only need to create the file. HTH, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | a | powerful, scalable system for accessing system services | such as | forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Executing shell commands
I did mention database as one of the solutions. The question wasn't about security so I didn't elaborate. Cheers, Rob. On Sun, 2003-11-09 at 16:45, Javier Muniz wrote: Ack! No no no no no! At least put something this critical in a password protected database, not a place that could possibly be written to by a malicious user that gains access to an easily-writable directory like /tmp, the DoS and security ramifications of having a system like this are huge. Be exceptionally careful, and never pretend that /tmp is a safe place for data. If something is being read from /tmp then it should be treated the same way user-inputted data is, and never trusted. -Javier -Original Message- From: Robert Cummings [mailto:[EMAIL PROTECTED] Sent: Sunday, November 09, 2003 12:47 AM To: Teren Cc: PHP-General Subject: Re: [PHP] Executing shell commands On Sun, 2003-11-09 at 03:41, Teren wrote: Hi, I'm trying to write a front end for something and I want to be able to execute shell commands. I tried all of the pre-written functions and non of them would work. I setup a user that can sudo and then i set apache to run as that user. So, what I tried to do is shell_exec(sudo -s; reboot;); but that didn't work, I also tried other numerous variations all of which didn't work (also using exec(), system(), passthru() ). If any one has any ideas how i can do this, please let me know. Thanks I believe this has been answered quite recently and the large consensus was to have a daemon (cron or otherwise) check for some status file or database entry, which when set it would perform the required function. So for instance to reboot the machine, perhaps a cron job would check for the existence of /tmp/myFrontEnd/reboot and if found reboot the machine. Thus the front end would only need to create the file. HTH, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | a | powerful, scalable system for accessing system services | such as | forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Executing shell commands
I realize that, just didn't want to suggest that /tmp was a good solution instead of a database. The question is always about security, btw ;) -Javier -Original Message- From: Robert Cummings [mailto:[EMAIL PROTECTED] Sent: Sunday, November 09, 2003 5:54 PM To: Javier Muniz Cc: Teren; PHP-General Subject: RE: [PHP] Executing shell commands I did mention database as one of the solutions. The question wasn't about security so I didn't elaborate. Cheers, Rob. On Sun, 2003-11-09 at 16:45, Javier Muniz wrote: Ack! No no no no no! At least put something this critical in a password protected database, not a place that could possibly be written to by a malicious user that gains access to an easily-writable directory like /tmp, the DoS and security ramifications of having a system like this are huge. Be exceptionally careful, and never pretend that /tmp is a safe place for data. If something is being read from /tmp then it should be treated the same way user-inputted data is, and never trusted. -Javier -Original Message- From: Robert Cummings [mailto:[EMAIL PROTECTED] Sent: Sunday, November 09, 2003 12:47 AM To: Teren Cc: PHP-General Subject: Re: [PHP] Executing shell commands On Sun, 2003-11-09 at 03:41, Teren wrote: Hi, I'm trying to write a front end for something and I want to be able to execute shell commands. I tried all of the pre-written functions and non of them would work. I setup a user that can sudo and then i set apache to run as that user. So, what I tried to do is shell_exec(sudo -s; reboot;); but that didn't work, I also tried other numerous variations all of which didn't work (also using exec(), system(), passthru() ). If any one has any ideas how i can do this, please let me know. Thanks I believe this has been answered quite recently and the large consensus was to have a daemon (cron or otherwise) check for some status file or database entry, which when set it would perform the required function. So for instance to reboot the machine, perhaps a cron job would check for the existence of /tmp/myFrontEnd/reboot and if found reboot the machine. Thus the front end would only need to create the file. HTH, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | a | powerful, scalable system for accessing system services | such as | forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | a | powerful, scalable system for accessing system services | such as | forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Executing shell commands
--- Robert Cummings [EMAIL PROTECTED] wrote: I did mention database as one of the solutions. The question wasn't about security so I didn't elaborate. I have done this same thing in the past, because I tend to answer the question asked and nothing more. However, recently I have begun trying to not give suggestions or examples that will create a security vulnerability, as well as warning about them in the examples provided. This is based on my belief that people don't always know what questions they should be asking, combined with my belief that they likely use the examples or suggestions we provide exactly as stated. As such, I think it is our responsibility to educate. I'm not sure if anyone agrees with me, but this is my philosophy. Chris = My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Executing shell commands
On Mon, 2003-11-10 at 00:34, Chris Shiflett wrote: --- Robert Cummings [EMAIL PROTECTED] wrote: I did mention database as one of the solutions. The question wasn't about security so I didn't elaborate. I have done this same thing in the past, because I tend to answer the question asked and nothing more. However, recently I have begun trying to not give suggestions or examples that will create a security vulnerability, as well as warning about them in the examples provided. This is based on my belief that people don't always know what questions they should be asking, combined with my belief that they likely use the examples or suggestions we provide exactly as stated. As such, I think it is our responsibility to educate. I'm not sure if anyone agrees with me, but this is my philosophy. All good points; I'd just like to point out though that the file system is a viable method, though it does require the directories be set up with proper ownerships and permissions. That said, yeah the /tmp directory probably wasn't the best choice for the example :) Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] executing shell commands.
I am executing the following within PHP - $system = `/bin/ls /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty | /bin/egrep -v server|header|index|report|php|old|title | /bin/head -$x | /bin/tail -1 | /bin/awk '{ print $1 }'` ; $numlin = `/bin/cat /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty/$system | /bin/wc -l` ; The first line resolves correctly for the system name. The $numlin does not appear to resolve correctly - appears to be an issues with passing the $system variable in the the second line. Any ideas. Any feedback will be appreciated. Thanks. Samir. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] executing shell commands.
Hi! I'm not sure this could be your problem, but this is what I see: $numlin = '/bin/cat /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty/$system | /bin/wc -l'; I think you should write it like this: $numlin = /bin/cat /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty/$system | /bin/wc -l; I had this kind of problem once and my script wasn't replacing the variable ($system). It was just writing $system in the string. Hope this helps. Regards, Douglas. __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] executing shell commands.
* Thus wrote Sethi, Samir (IDS DMDS) ([EMAIL PROTECTED]): I am executing the following within PHP - $system = `/bin/ls /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty | /bin/egrep -v server|header|index|report|php|old|title | /bin/head -$x | /bin/tail -1 | /bin/awk '{ print $1 }'` ; $numlin = `/bin/cat /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty/$system | /bin/wc -l` ; Any reason your cat'ing the file instead of just runing /bin/wc -l file also, what is the contents of $system? the backticks will expand variables, my guess is that the first command isn't returning what you expected. Curt -- I used to think I was indecisive, but now I'm not so sure. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] executing shell commands.
This seems to do the trick - $system = `/bin/ls /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/ eqty | /bin/egrep -v server|header|index|report|php|old|title | /bin/head -$x | /b in/tail -1 | /bin/awk '{ print $1 }'` ; $numlin = `/bin/wc -l /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhos ts/eqty/$system` ; Thanks. Samir. -Original Message- From: Curt Zirzow [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 12:15 PM To: '[EMAIL PROTECTED]' Subject: Re: [PHP] executing shell commands. * Thus wrote Sethi, Samir (IDS DMDS) ([EMAIL PROTECTED]): I am executing the following within PHP - $system = `/bin/ls /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty | /bin/egrep -v server|header|index|report|php|old|title | /bin/head -$x | /bin/tail -1 | /bin/awk '{ print $1 }'` ; $numlin = `/bin/cat /dcsa-ws1/share/webadm1/public_html/system-reports/security/rhosts/eqty/$system | /bin/wc -l` ; Any reason your cat'ing the file instead of just runing /bin/wc -l file also, what is the contents of $system? the backticks will expand variables, my guess is that the first command isn't returning what you expected. Curt -- I used to think I was indecisive, but now I'm not so sure. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Executing Shell Commands.
Hello, Does anybody know how to execute a shell command from PHP on a Linux system? Thanks, Scott -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Executing Shell Commands.
I believe something like this would do it: system('ls -l'); -Original Message- From: scott [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 9:06 AM To: [EMAIL PROTECTED] Subject: [PHP] Executing Shell Commands. Hello, Does anybody know how to execute a shell command from PHP on a Linux system? Thanks, Scott -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Executing Shell Commands.
scott wrote: Hello, Does anybody know how to execute a shell command from PHP on a Linux system? exec() and friends. HTH Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Executing Shell Commands.
Does anybody know how to execute a shell command from PHP on a Linux system? Yes. ---John Holmes... PS: http://homepages.tesco.net/~J.deBoynePollard/FGA/questions-with-yes-or-n o-answers.html PSS: http://www.php.net/manual/en/ref.exec.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Executing Shell Commands.
Use the execution operator backtricks (``) ?php echo 'pre'; echo `ls -la`; ? will throw you the shell's ls -la to the browser -- Maxim Maletsky [EMAIL PROTECTED] scott [EMAIL PROTECTED] wrote... : Hello, Does anybody know how to execute a shell command from PHP on a Linux system? Thanks, Scott -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Executing Shell Commands.
scott wrote: Thanks Chris, Could you explain to me how to launch a program from PHP as another user, such as root? The app that I am trying to launch, apache does not have rights to. And, it would be to complex of a procedure to change the ownership on all of the processes that go with it. The ownership problem is one to consider security on carefully. The way I overcome the few scripts that need to be run as another user is to put them into my /etc/sudoers file (man sudoers) for the file format, then execute sudo script_name (man sudo for details). This way, only the scripts that need to be run as another user can be done. Security is much better than trying to change the webserver user. If you are on a shared server, note that not all hosting companies allow this. Maybe others do it differently? Regards Chris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php