Permission denied to PHP

Forum Moderators: coopster

Message Too Old, No Replies

Permission denied to PHP

cannot access /home//mail//

milanmk

1:38 pm on Mar 10, 2007 (gmt 0)

I am getting following error when executing shell command from PHP, where PHP/Apache is running as "nobody".

du: '/home/example/mail': Permission denied
du: cannot access '/home/example/mail/example.com/demo/': Permission denied

Any workarounds to allow "nobody" to run du on those mail paths?

Milan

RonPK

7:09 pm on Mar 11, 2007 (gmt 0)

sudo, I suppose. sudo is normally run interactively, ie it will ask you to enter a password. Therefore you need to pipe the password to sudo:

exec("echo 'password' Ś /usr/bin/sudo -u user -S du /home/example/mail/");

(replace the ¦ with a real pipe character)
user is a user who has permission to du that directory. password is his password. Untested.

Note: storing passwords in plain text format in scripts is not advisable...

milanmk

8:00 pm on Mar 11, 2007 (gmt 0)

storing passwords in plain text format in scripts is not advisable

I looked into some man pages around sudo and found /etc/sudoers (list of which users may execute what) file and added the following entry for group "nobody" so that I need not to supply password while executing du command.

%nobody ALL=NOPASSWD: /usr/bin/du

Am I creating any security concern?

Milan

RonPK

10:07 pm on Mar 11, 2007 (gmt 0)

Seems all right to me, but I'm hardly a Linux guru. This way anyone who can upload scripts to your server can run du on any directory.