Hello all,
Approx a week back I got the info that I need to use a C program to execute a command a root for web scripts (PHP). I have given that a try, I created a
addnewhost.cpp :
#include <stdlib.h> int main() { system("/usr/sbin/useradd newusernewuser"); return 0; }
Compiled, linked and suid it as (Did this as root)
g++ -c addnewhost.cpp g++ -o addnewhost.bin addnewhost.o chown root.root addnewhost.bin chmod 4755 addnewhost.bin
But when I try to run the addnewhost.bin as a normal user it says
useradd: unable to lock password file
But runs fine as root. Any clues where should I go next. All I need to do is execute some command as a superuser but from a PHP page. Thanks in advance.
Bye.
On Sun, Dec 01, 2002 at 01:53:01PM +0530, mails@munshi.dyndns.org wrote:
Any clues where should I go next. All I need to do is execute some command as a superuser but from a PHP page.
A general search on google for "setuid php scripts apache" yielded this link. It mentions that "sudo" is the right way to run commands with root privileges, and also explains why your C program didn't work.
http://www.aota.net/forums/printthread.php?threadid=12453
"A file that is owned by root and is setuid root (chmod u+s filename) is *allowed* to function as root. It only becomes root when it calls the setuid function ( int setuid(uid_t uid) ). This is not available to interpreted shell scripts (I think there is a way to make Perl scripts setuid, but I haven't done it)."
HTH, Sameer.
-
mails@munshi.dyndns.org -
Sameer D. Sahasrabuddhe