The problem is, that the process you want to kill does not belong to the apache user (apache usually runs as www-data
with group www-data
). If you give apache more rights (say run it as user root
), your PHP script would run with more rights and could do things like this. But this would be dangerous, because if there is a security flaw in apache or your php script, a malicious attacker could take over your system.
Instead I suggest using the setuid bit.
- Create a file
kill.sh
with the contentpkill python
- Make it executable (
chmod a+x kill.sh
) - Make it belong to root (
chown root:root kill.sh
) - Make it setuid (
chmod u+s kill.sh
) - Invoke this script from your php script