Re: Secure Web-Based Administration

From: Ben La Monica (ben@cylindrinet.com)
Date: 01/21/03

Next message: Glynn Clements: "Re: Secure Web-Based Administration"

Previous message: jon schatz: "Re: Secure Web-Based Administration"
In reply to: Ryan: "Secure Web-Based Administration"
Next in thread: Glynn Clements: "Re: Secure Web-Based Administration"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Ben La Monica" <ben@cylindrinet.com>
To: "Ryan" <ryan@vbnet.net>, <focus-linux@securityfocus.com>
Date: Mon, 20 Jan 2003 20:39:28 -0700

----- Original Message -----
From: "Ryan" <ryan@vbnet.net>
Subject: Secure Web-Based Administration

> What are some ways that I can execute certain administrative
> commands (such as ifconfig,iwconfig,route,scripts in my /etc/init.d/
> directory, etc...) as root?

You can enable suexec on your webserver (if you are using apache,
http://httpd.apache.org/docs/suexec.html, which can execute CGI programs as
different users (still not root though). You may have to use PHP as an
external CGI interpreter instead of a module in order to get it to work with
suexec.), and then, using sudo (you can edit the sudo configuration file
with visudo) give access to a user to the commands that you wish to execute
as root.

To execute the scripts as the superuser, you use the /usr/bin/sudo <command
name>
Check out the man pages (sudo(8) and sudoers(5)).

-Ben La Monica
CylindriNet Incorporated

Next message: Glynn Clements: "Re: Secure Web-Based Administration"
Previous message: jon schatz: "Re: Secure Web-Based Administration"
In reply to: Ryan: "Secure Web-Based Administration"
Next in thread: Glynn Clements: "Re: Secure Web-Based Administration"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]