16 Aug
2002
16 Aug
'02
10:38 a.m.
On Tue, 13 Aug 2002, Poonam P wrote:
How to execute shell commands which otherwise require root permissions, from a browser using PHP form. Eg. "mysqld stop",
the short answer is don't - ever. Giving a web script the ability to execute anything as root will open a huge security hole in your system. The safe way would be to get the web script to mail an administrator requesting appropriate action.
For other users, and if you're sure that your script is secure (there's many things to consider), you can use a setuid wrapper.
--
"In the face of entropy and nothingness, you kind of have to pretend it's not
there if you want to keep writing good code." -- Karl Lehenbauer