Ryan, You would be best off using webmin, as others have suggested. It is flexible, modular, and extensible. It handles the functions you have mentioned, and many more. It supports multiple roles with differing access levels. It has been widely examined, so it is probably more secure than any home-grown application.
If you're absolutely determined to invent your own wheel, at least review webmin. You should let yourself be inspired by other round things that roll. If you want to take a different tack, you might try a message-based architecture. Instead of invoking root processes from your web server, have the web server process leave authenticated requests in a queue. Have a root process loop around and review the requests. If they're in the proper predefined format, fulfill the requests. Above all, remember that user input is the enemy! Sure, you would never type anything harmful...but you have to assume that everyone else will. Gavin Brennan Senior Network Engineer Terrapin Systems, LLC 6116 Executive Blvd Suite 501 Rockville, MD 20852 301-594-0763 Office 240-674-8117 Cell http://www.terpsys.com/ -----Original Message----- From: Ryan [mailto:[EMAIL PROTECTED]] Sent: Friday, January 17, 2003 10:00 AM To: [EMAIL PROTECTED] Subject: Secure Web-Based Administration I would like to create some web pages/scripts (probably using PHP since I use it for a lot of other things) to assist me in administering my linux machine. What are some ways that I can execute certain administrative commands (such as ifconfig,iwconfig,route,scripts in my /etc/init.d/ directory, etc...) as root? I'm fairly familiar with the different access-control methods available to me to restrict access to these pages. I will definitely be using SSL with a self-signed certificate. I'm just not sure how to get my web server (which doesn't run as root and I want to keep it that way) to execute these commands with superuser privileges. Thanks Ryan [EMAIL PROTECTED]
