Re: Secure Web-Based Administration

From: John Allman (allmanj@houseofireland.com)
Date: 01/22/03

  • Next message: Bill Weiss: "Re: Secure Web-Based Administration"
    Date: Wed, 22 Jan 2003 16:46:24 +0000
    From: John Allman <allmanj@houseofireland.com>
    To: focus-linux@securityfocus.com
    
    

    Ryan wrote:

    >I would like to create some web pages/scripts (probably using PHP since I
    >use it for a lot of other things) to assist me in administering my linux
    >machine. What are some ways that I can execute certain administrative
    >commands (such as ifconfig,iwconfig,route,scripts in my /etc/init.d/
    >directory, etc...) as root?
    >I'm fairly familiar with the different access-control methods available to
    >me to restrict access to these pages. I will definitely be using SSL with
    >a self-signed certificate. I'm just not sure how to get my web server
    >(which doesn't run as root and I want to keep it that way) to execute
    >these commands with superuser privileges.
    >Thanks
    >
    >Ryan
    >ryan@vbnet.net
    >
    Have you looked at webmin? Might have modules for the things you are
    looking for (or there may be some in development. might be worthwhile
    looking on freshmeat?)

    One way around this if you have to write your own is to make a binary
    owned by root (or whatever user you need the privaleges of), set it's
    suid bit and call it from your php/whatever script. Probably not ideal
    though

    John



    Relevant Pages

    • Re: Secure Web-Based Administration
      ... On Fri, 17 Jan 2003, Ryan wrote: ... > I would like to create some web pages/scripts (probably using PHP since I ... > use it for a lot of other things) to assist me in administering my linux ...
      (Focus-Linux)
    • Re: [SLE] default execute permission
      ... Ryan ... add the execute bits yourself: ... kernel-imposed umask mechanism. ... Please read the FAQs: suse-linux-e-faq@suse.com ...
      (SuSE)
    • Re: execute command on variable...
      ... # Pretty new here and im trying to understand on how to execute a command ... SM Ryan http://www.rawbw.com/~wyrmwif/ ... This is one wacky game show. ...
      (comp.unix.programmer)
    • Re: Wills: Execute/executor
      ... I would say "I'm administering (or winding up) an estate". ... but I have not come across "execute" being the actions of an executor. ...
      (alt.usage.english)
    • Timed Event
      ... Is there a way I can execute a stored procedure every 10 seconds, ... I don't want to create a Database Job. ... Ryan ...
      (microsoft.public.sqlserver.programming)