Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 26 Apr 2016 16:15:58 -0500 (CDT)
From:      "Valeri Galtsev" <galtsev@kicp.uchicago.edu>
To:        freebsd-questions@freebsd.org
Subject:   Re: Why is www's $PATH only /usr/bin:/bin?
Message-ID:  <46778.128.135.52.6.1461705358.squirrel@cosmo.uchicago.edu>
In-Reply-To: <20160426194048.GA31481@box-fra-01.niklaas.eu>
References:  <20160426194048.GA31481@box-fra-01.niklaas.eu>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Tue, April 26, 2016 2:40 pm, Niklaas Baudet von Gersdorff wrote:
> Hi,
>
> I figured that www's $PATH is only /usr/bin:/bin. Why is that if
> /etc/login.conf says the following?
>
>     default:\
>     --------8<--------
>         :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin
> /usr/local/bin ~/bin:\
>     --------8<--------
>
> /etc/passwd looks like this.
>
>     www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
>
> So, I left everything the default.
>
> The thing is that I want to run something in /usr/local/bin with PHP's
>
>     shell_exec($cmd);
>
> but that's not working because it's not in $PATH.


You can have $cmd containing full absolute path to the command bewith
leading slash, say:

/usr/local/bin/yourcommand

then it should work (unless daemon runs chrooted, then you need to have
copied of all these in chrooted environment). Having daemons exposed to
external world able access as minimum of things as necessary would be a
good security practice.

Valeri

>
> Any hint is very much appreciated.
>
>     Niklaas
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46778.128.135.52.6.1461705358.squirrel>