running PHP/perl as root

L

Lem0nHead

Verified User
Joined
Nov 28, 2004
Messages
265
hello
I have a PHP (could be Perl) script that needs to be executed as root.
Yep, I know I probably shouldn't do that, but that's the only solution I found (it's a server administration tool).

I'm planning to use a one-time-password + SSL as security, but the only options I could think are:
1) Run PHP/Perl as root and then escalate to the user I want to admin (for security reasons, I don't want to allow commands to be run as root)
2) Install an alternative HTTP server (like lighttpd) and try to run scripts as root
3) Bind the perl script as a daemon (running as root) and connect/authenticate to it using PHP/Perl (so I can allow connection just from localhost)

The best solution would be if apache could escalate to the user I really want to run commands as (but this user would be passed as parameter to my script). The second best option for me would be the apache running the script as root (and the first thing the program would do would be to escalate to the user). And the last option would be the third one.

Any suggestions? Can Apache run scripts as root or as a user passed as parameter?
 
I will not address the security concerns since you already know about them.

The webmin web server runs as root and you can create a module to do what you need to do. Has to be in perl though.

Webmin has a module that will let you run commands as root.

I am not sure why you would want to do it through a web server rather than ssh.
 
You must log in or register to reply here.
Back
Top