From owner-freebsd-stable@FreeBSD.ORG Tue Oct 1 13:39:55 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 5CFB7A14 for ; Tue, 1 Oct 2013 13:39:55 +0000 (UTC) (envelope-from ronald-freebsd8@klop.yi.org) Received: from cpsmtpb-ews05.kpnxchange.com (cpsmtpb-ews05.kpnxchange.com [213.75.39.8]) by mx1.freebsd.org (Postfix) with ESMTP id EEAD12BD9 for ; Tue, 1 Oct 2013 13:39:54 +0000 (UTC) Received: from cpsps-ews09.kpnxchange.com ([10.94.84.176]) by cpsmtpb-ews05.kpnxchange.com with Microsoft SMTPSVC(7.5.7601.17514); Tue, 1 Oct 2013 15:39:53 +0200 Received: from CPSMTPM-TLF102.kpnxchange.com ([195.121.3.5]) by cpsps-ews09.kpnxchange.com with Microsoft SMTPSVC(7.5.7601.17514); Tue, 1 Oct 2013 15:39:53 +0200 Received: from sjakie.klop.ws ([212.182.167.131]) by CPSMTPM-TLF102.kpnxchange.com with Microsoft SMTPSVC(7.5.7601.17514); Tue, 1 Oct 2013 15:39:53 +0200 Received: from 212-182-167-131.ip.telfort.nl (localhost [127.0.0.1]) by sjakie.klop.ws (Postfix) with ESMTP id 682BACFA for ; Tue, 1 Oct 2013 15:39:53 +0200 (CEST) Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes To: freebsd-stable@freebsd.org Subject: Re: Running a script via PHP References: <58E65D87-C41C-4777-9EAA-005CE3506B6A@mac.com> Date: Tue, 01 Oct 2013 15:39:53 +0200 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: "Ronald Klop" Message-ID: In-Reply-To: <58E65D87-C41C-4777-9EAA-005CE3506B6A@mac.com> User-Agent: Opera Mail/12.16 (FreeBSD) X-OriginalArrivalTime: 01 Oct 2013 13:39:53.0571 (UTC) FILETIME=[B598FB30:01CEBEAB] X-RcptDomain: freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Oct 2013 13:39:55 -0000 On Fri, 27 Sep 2013 23:50:02 +0200, Charles Swiger wrote: > Hi-- > > On Sep 27, 2013, at 2:18 AM, Michael BlackHeart > wrote: >> Hello there, >> It's quite off-topic, but I'm using freebsd-stable,so >> >> The priblem is - running a script that requires root privileges via PHP >> (or >> probably CGI - I do not care, just want it to be secure and working). > > Unfortunately the combination of PHP, doing something which needs root, > and > security are inherently contradictory. > > The least risky approach would be to invoke the needed command via sudo, > or > possibly a small setuid-root C wrapper program which launches only the > needed script > with root permissions. Use sudo unless your C wrapper is careful enough > to use > exec() and not system(), sanitizes $PATH and other env variables, and > guards against > games with $IFS, shell metachars, and such. > > Regards, Use sudo, because your home grown C wrapper will make all the mistakes which are already solved in sudo. Or will be spotted in the future in sudo and will never be spotted in your program. Chances are high that future requirements of your C wrapper will turn it in a little sudo. Ronald.