Publicly-accessible PHP script run as root
I've got some pre-defined maintenance functions (shell scripts) I'd like to be able to be triggered from outside the server. They're non-critical, and there's no risk if someone else gets hold of the URL and triggers them themselves. I'd like to just call them from PHP using shell_exec, but that's disabled in php.ini for all accounts for security reasons.
Obviously there will need to be lots of security considerations here. I'm well aware of that already.
I tried writing a WHM plugin (which is run as root, and can bypass the disable_functions restriction), but when I try requesting it I just see a login page, even though I set the ACL to "any". Is there a place I can put a PHP script where it will be run by WHM's PHP instance, accessible at myIP:2087, that can be called without logging in?
Hello :) I have moved this thread to the "Security" forum. You should receive more user-feedback here. Thank you.
Have you also disabled passthru? It can accomplish the same as shell_exec. Depending on your PHP handler, you could put a php.ini in the same directory as the PHP scripts to override disable_functions just for that directory. Personally I'd recommend you just set up a cron job in root's crontab to run the scripts periodically if that's an acceptable solution. It should be easier and more secure, especially if the stuff needs root privs anyway.
passthru is also disabled, and I'd like shell commands to remain disabled. The commands I need to run do need to be executed as root, which is why I thought WHM's runtime would be a perfect place for them, since I wouldn't need to open any extra ports or anything. Cron would be usable as a last resort, but I'd like to be able to call the scripts on demand, rather than at an interval.
You could probably make and register your own WHM plugin to run them; however, you would still need to log in. (Edit: I see you tried this.) I'm not aware of a way to do this without requiring login to WHM. Honestly I would either just use cron, or do something like this: make a root cron which checks for $somefile, which can be created by an unprivileged user's application. If $somefile exists, then your scripts run. I.e. have a PHP script that you can access publicly that, when accessed, touches an empty file ($somefile). When the root cron sees the file, it runs your other script and removes the file. It won't run the other script again until the check file is re-created by accessing the page. This should be pretty simple to accomplish, and eliminates the need for the PHP page you're accessing to have root privs.
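The root-side half of the flag-file approach from the last reply, as an added example (not code posted by anyone in this thread). The paths, the `--run` argument and the function name `run_if_flagged` are assumptions chosen for illustration.

```shell
#!/bin/sh
# Root cron checker for the flag-file trigger (added example; paths are assumptions).
# Hypothetical root crontab entry, checking once a minute:
#   * * * * * /root/bin/check-trigger.sh --run
FLAG=${FLAG:-/home/someuser/trigger/run-maintenance}  # touched by the public PHP page
JOB=${JOB:-/root/bin/maintenance.sh}                  # root-owned; web user cannot write it
LOCK=${LOCK:-/var/run/maintenance-trigger.lock}       # lock dir in a root-only location

# run_if_flagged FLAG JOB LOCK
# Returns: 0 job ran and succeeded, 1 nothing requested, 2 flag is not a
# plain file, 3 a previous run still holds the lock, 4 job failed.
run_if_flagged() {
    rf_flag=$1; rf_job=$2; rf_lock=$3
    # Only the flag's existence crosses the privilege boundary. Its content is
    # never read and JOB is a fixed path, so the unprivileged side cannot
    # choose what root executes or pass it arguments.
    if [ -L "$rf_flag" ]; then return 2; fi   # symlink: refuse, do not follow
    [ -e "$rf_flag" ] || return 1             # no request pending
    [ -f "$rf_flag" ] || return 2             # directory, FIFO, device: refuse
    # mkdir is atomic, so overlapping cron runs cannot start the job twice.
    # A lock left behind by a killed run has to be removed by hand.
    mkdir "$rf_lock" 2>/dev/null || return 3
    # Clear the flag before running (the reply removes it afterwards), so a
    # request that arrives mid-run is kept for the next pass instead of lost.
    rm -f -- "$rf_flag"
    rf_rc=0
    "$rf_job" || rf_rc=$?
    rmdir "$rf_lock"
    [ "$rf_rc" -eq 0 ] || return 4
    return 0
}

# Only act when invoked as the cron entry point.
if [ "${1:-}" = "--run" ]; then
    run_if_flagged "$FLAG" "$JOB" "$LOCK"
    exit $?
fi
```

The PHP page then only needs `touch()` on the flag path, which works with `shell_exec` and `passthru` still disabled.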