On 4/25/07, Nathaniel Hall <halln@xxxxxxxxxxxxxxxxx> wrote:
Davi wrote:
> Em Domingo 22 Abril 2007 03:12, Richard Lynch escreveu:
>
>> On Fri, April 20, 2007 3:00 pm, Nathaniel Hall wrote:
>>
>>> <?php $MAC = system("arp 192.168.200.254"); echo $MAC; ?>
>>> does not give me any
>>> output. I have copied arp to a place that the apache user can execute
>>> from and ensured arp is executable.
>>>
>> Use exec and the extra args to get error codes.
>>
>
> ARP is a root-command... =]
>
>
>> Can you run 'arp' and get what you want from command line?
>>
>
> As web-user? No.
>
>
>> Can you 'su' to PHP user and *then* run it and get what you want?
>>
>
> Hum... Not at all... You need to enter the root password... How can you do
> that?
> sudo sounds a little better... But... How about security?
I know it can be done because I have a Fedora Core 4 system doing it
right now. I didn't have to do anything special for it to work. The
system I am working on now is a Fedora Core 6 box. In /var/log/messages
I receive:
Apr 24 09:33:51 STUAUTH kernel: audit(1177425231.020:114): avc: denied
{ execute } for pid=31786 comm="httpd" name="bash" dev=dm-0 ino=916642
scontext=root:system_r:httpd_t:s0
tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
If fixing up selinux doesn't work then look in to using 'sudo'. The
manpage(s) show examples about how to set it up to allow specific
commands to be run without a password.
--
Postgresql & php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
