The problem: I needed to run PHP on the command line as root when invoked by a non privileged user. The simple solution is to make a copy of the php binary and them chmod +s it and chown it to root. For most apps, this will just cause it to run as root and everything will be solved. This part is still necessary:
# cd /path/to/my/project # cp `which php` . # chown root:root php # chmod +s php
Unfortunately, when running this, you will find that PHP does not actually think it's running as root, and subsequently you can't run things like shutdown which require root privileges. You can see this by running a script like this:
test.php:
<?php
echo shell_exec('id');
?>
Command:
# sudo -u www ./php test.php uid=80(www) gid=80(www) groups=80(www)Well that didn't work, and the PHP docs and google didn't seem to have anything about PHP dropping privileges. A little more googling and i saw that PHP does have a setuid function, so i decided to give that a try. The function is called posix_setuid() and is allegedly included by default. Well guess what, on my PHP installation it shows the configure string as including --enable-posix=shared which for whatever reason means "i don't want to use this."
So i recompiled PHP with just --enable-posix and the function was now available. At this point, i began getting the desired results when calling the script: test.php:
<?php posix_setuid(0); echo shell_exec(`id`); ?>Command:
# sudo -u www ./php test.php uid=0(root) gid=80(www) groups=0(root),80(www)
No comments:
Post a Comment