Results 1 to 12 of 12
  1. #1
    Join Date
    Aug 2002
    Location
    Hong Kong
    Posts
    417

    how can i run a perl script as root via browser request?

    i know exactly what the consequence is, i just wanna be ABLE to DO IT

    i have RHL+apache+suexec, i don't want to do it once every minute using cron, thanks

  2. #2
    I'm not POSITIVE that this is the only way, but I think you'll have to run Apache as root (edit /usr/local/apache/conf/httpd.conf, change:

    User nobody
    Group nobody

    to

    User root
    Group root (or wheel)

    restart apache (let me know if this works please)
    <<< Please see Forum Guidelines for signature setup. >>>

  3. #3
    Join Date
    Aug 2002
    Location
    Hong Kong
    Posts
    417
    is it done inside virtualhost?

    coz i found user/group appear both inside and outside of virtualhost

    thanks for reply

  4. #4
    You want the one listed outside of the virtual host tags (should be much closer to the top of httpd.conf)
    <<< Please see Forum Guidelines for signature setup. >>>

  5. #5
    Join Date
    Feb 2004
    Posts
    1,226
    probably setting suidbit to the script is the easier way

  6. #6

    No!

    Don't run apache as root! Bad idea!

    A better way would be to use "sudo". This is a facility that allows you to permit certain users to execute certain programs as another user. Just set a no-password permission for apache to execute that script as root, then "sudo ScriptName" to run it. Note that the script, once created, should be writable only by root, or a hacker could change the contents and execute arbitrary commands.

  7. #7
    Join Date
    Aug 2002
    Location
    Hong Kong
    Posts
    417
    thanks i'm reading the sudo man page

    is there a simpler method to put some statement in a script to "login" as root given that i'm the root user of the box?

    e.g. (just for example)



    #!/usr/bin/perl
    .
    .
    .
    login('root','abc123');
    .
    .
    then i can execute as root..
    .
    .

  8. #8
    No one said that doing the above was GOOD idea
    <<< Please see Forum Guidelines for signature setup. >>>

  9. #9
    Join Date
    Aug 2002
    Location
    Hong Kong
    Posts
    417
    i just want to run a script to "pretend" a control panel without running it a deamon like any other CPs

  10. #10
    sudo is the way to go

  11. #11
    Join Date
    Apr 2003
    Location
    Lebanon, PA
    Posts
    420
    I would use suid instead of sudo.

    chown root filename
    chmod 4755 filename

    Then hope your code is very secure.

  12. #12
    Join Date
    Aug 2002
    Location
    Hong Kong
    Posts
    417
    Originally posted by genlee
    I would use suid instead of sudo.

    chown root filename
    chmod 4755 filename

    Then hope your code is very secure.
    it doesn't work if you have apache suexec on, its intended to prevent this from working for security reason, and i don't want to drop suexec

    try it by yourself and you'll see 403 / 500 error

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •