Re: Secure Web-Based Administration

From: Ben La Monica (ben@cylindrinet.com)
Date: 01/21/03

  • Next message: Glynn Clements: "Re: Secure Web-Based Administration"
    From: "Ben La Monica" <ben@cylindrinet.com>
    To: "Ryan" <ryan@vbnet.net>, <focus-linux@securityfocus.com>
    Date: Mon, 20 Jan 2003 20:39:28 -0700
    
    

    ----- Original Message -----
    From: "Ryan" <ryan@vbnet.net>
    Subject: Secure Web-Based Administration

    > What are some ways that I can execute certain administrative
    > commands (such as ifconfig,iwconfig,route,scripts in my /etc/init.d/
    > directory, etc...) as root?

    You can enable suexec on your webserver (if you are using apache,
    http://httpd.apache.org/docs/suexec.html, which can execute CGI programs as
    different users (still not root though). You may have to use PHP as an
    external CGI interpreter instead of a module in order to get it to work with
    suexec.), and then, using sudo (you can edit the sudo configuration file
    with visudo) give access to a user to the commands that you wish to execute
    as root.

    To execute the scripts as the superuser, you use the /usr/bin/sudo <command
    name>
    Check out the man pages (sudo(8) and sudoers(5)).

    -Ben La Monica
    CylindriNet Incorporated