PHP sudo in shell_exec

root shell sudo php shell-exec

Solution 1:

The problem isn't that your page is or isn't secure, the problem is that giving a php page the ability to run some sudo command would give it to all pages including any injected code on any insecure page on any site on the server.

That said, it might be best to make a wrapper script that does just the one job that needs doing, then give the http user access to just that ONE command as sudo

http  ALL=(ALL) NOPASSWD:/user/local/bin/your_wrapper_script.sh

Solution 2:

You could use the latest SVN version of phpseclib, a pure PHP SSH implementation, to do this. eg.

<?php
include('Net/SSH2.php');

$ssh = new Net_SSH2('www.domain.tld');
$ssh->login('username', 'password');

$ssh->read('[prompt]');
$ssh->write("sudo command\n");
$ssh->read('Password:');
$ssh->write("Password\n");
echo $ssh->read('[prompt]');
?>

Solution 3:

Definitley not advised. However, you will want to look into editing the sudoers file and add the user php is running as a NOPASSWD for the command you need to run. This will only allow him to sudo that one command with out entering a password.

If you need more commands add more to it. Sudoers Configuration I know that forum/post is debian based but sudo is not strictly debian and that should help you out with the sudo configuration values that you need to put it.

Related

iAd in xcode 6 with Swift
Trim audio with iOS
Print PDF File in IFrame using javascript getting one page only
Dynamic height for static table cells with wrapping labels?
A better way to replace many strings - obfuscation in C#
CSS overlapping arrow
Starting Shiny app after password input (with Shinydashboard)
Getting every possible permutation of a string or combination including repeated characters in Java
Where do I put a database query in MVC?
Get frequency wav audio using FFT and Complex class
scale the loss value according to "badness" in caffe
How to pass an expression to a component as an input in Angular2?