PHP exec permissions for creating root symlinks
https://stackoverflow.com/questions/10980577
-
13-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am currently working on a Linux based single board computer for an engineering company, and I am in charge of updating the local configuration website hosted within the board. The point of this configuration server is so that a user can connect to the board via their web browser and modify settings within the board.
The current setting that I am trying to create involves setting the timezone of the board's hardware clock. Unfortunately, the way board handles time zones is by setting up a system link between a file within /usr/share/zoneinfo/ to /etc/localtime.
My issue is that I need to run the following command from the website:
ln -s /usr/share/zoneinfo/Etc/GMT$1 /etc/localtime
where $1 is a + or - followed by a number. These are generated by a dropdown on the website.
My major problem occurs when I try to run this command from the PHP of the website. By catching the response of the exec command, I have found that I am not getting sufficient permissions to create/modify the symlink. I have tried the approach of creating a bash script and running that from the PHP. I have also tried running a C based executable from the PHP.
Things to note: The user passwords are randomly generated, and sudo is not included on the embedded Linux package.
My goal is to avoid running the Apache server as root because of security concerns. Is there any way to give individual scripts (possibly temporary) permissions to run the command, or any other sort of workaround to this?
Solution
There's a good reason for seperating privileges, particularly when you're dealing with a stateless protocol. The answer by darryn.ten is a waste of time - you're giving the webserver uid permission to do everything - you code get the same result for less effort (and just as insecure) by running the webserver as root.
I'd recommend encapsulating the logic in a program running as root which only:
- validates the arguments
- links the timezone
In the example bekow I'm using bash which would require sudo to execute as root - but if you write it in C then you can enable the setuid bit which will run the program with the privileges of the file owner (this won't work with shell scripts). Not sure how setuid behaves with lua - which would be an obvious candidate for an embedded system.
#!/bin/bash
# NB must be validated under executing user privilege
REQUEST=`echo $1 | grep -P '/^([\+\-0-9]+)$/'`";
ln -s /usr/share/zoneinfo/Etc/GMT$(REQUEST} /etc/localtime
OTHER TIPS
You need to add sudo to the installation, and then
visudo
and add the following
apache ALL=(ALL) NOPASSWD: ALL
provided your apache user is apache.
Then add sudo to the command
sudo ln -s /usr/share/zoneinfo/Etc/GMT$1 /etc/localtime
and the command should get executed.
EDIT: Don't actually do this
