A Carafe of Ubuntu
Hi there
I'm trying to set up a php-script that calls a perl-script with sudo permissions (the perl-script needs these permissions to run its commands).
This php-script is hosted on a LAMP apache server (in Ubuntu) and is run by the user www-data (pseudouser created by apache).
I have tried adding the line:
But it doesn't seem to work and it seems like somewhat of a security issue.Code:www-data ALL=(ALL) NOPASSWD:ALL
How can I do this?
Thanks in advance
Last edited by Eax.exe; March 3rd, 2010 at 09:24 PM.
"Freedom is an illusion"
Iced Almond Soy Ubuntu, No Foam
Make the perl script SUID root and use perl-suid to run it.
ClassicMenu Indicator - classic GNOME menu for Unity
Unsettings - configuration program for the Unity
Privacy Indicator - easily switch privacy settings in Unity
Arronax - create and modify app starters
A Carafe of Ubuntu
Can you explain how please?Originally Posted by diesch
"Freedom is an illusion"
A Carafe of Ubuntu
I installed the package "super" containing "setuid" but I have no idea how to use it :/
"Freedom is an illusion"
Iced Almond Soy Ubuntu, No Foam
1. install the package perl-suid
2. make root the owner and www-data the group of the file:
3. set the SUID bit, read and exec permissions for the group, no permisions for others:Code:sudo chown:www-data root your_perl_script
4. In the first line of the script replace perl with suidperlCode:sudo chmod u+s,g=rx,o-rwx your_perl_scrip
e.g. change
toCode:#!/usr/bin/perl -w
Now if you run the script it's running as root.Code:#!/usr/bin/suidperl -w
Be careful as everyone in the www-data group can run this script as root!
ClassicMenu Indicator - classic GNOME menu for Unity
Unsettings - configuration program for the Unity
Privacy Indicator - easily switch privacy settings in Unity
Arronax - create and modify app starters
A Carafe of Ubuntu
Thank you so so much
"Freedom is an illusion"
Posting Permissions
Adv Reply
Bookmarks