Hi,
I'd like to build a simple web app, which manages some directory on a server. I want to give people the option to use chown and chmod.
What is the safest way to give PHP this permission? The quickest thing is just running Apache and PHP as root, but that doesn't seem to be a smart idea.
One other thing I thought of, was creating a separate script which has setuid root..
Thanks!
Well, it certainly sounds like a dangerous idea to begin with and I'd prefer sitting down and thinking through the whole strategy of what is trying to be achieved.
The danger is privilege escalation of an executable script which a remote user could modify or upload, of course. Full chown/chmod in a web app is equivalent to just pasting your root password on the page.
What is it exactly which needs to happen?
If the chown needs to happen for some reason but not to root (we hope) then the functionality should be wrapped. I would take the user requests and queue them, then have a separate process (could be shell, php, perl, anything) running as root by cron check this queue, check to see if the request fit the allowed parameters, and make the changes.
One way would be to set up sudo on your machine (assuming it's a Linux box). Sudo allows you to run commands elevated, governed by restrictions set forth in the sudoers.conf file. Use tight rules to limit its use to the required commands in a specific directory for the user your web service is running under (like www-data), and then call the command shell from your PHP script something like tis:
shell_exec("sudo chmod 777 dirname");
Do make sure that your sudo config is tight, to ensure that breaking out will be next to impossible.