Everyone is missing the bigger picture here: Why is a PHP script calling the shell? 9 times out of 10, that's a bad idea and things should be redesigned so that it's not needed.
--- âLanie, Iâm going to print more printers. Lots more printers. One for everyone. Thatâs worth going to jail for. Thatâs worth anything.â - Printcrime by Cory Doctrow Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html On Mon, Jun 1, 2015 at 1:47 PM, dan mclaughlin <thev...@openmailbox.org> wrote: > On Mon, 1 Jun 2015 06:05:28 -0400 Josh Grosse <j...@jggimi.homeip.net> > wrote: > > On Mon, Jun 01, 2015 at 04:45:01AM -0400, dan mclaughlin wrote: > > > On Sun, 31 May 2015 22:20:17 -0500 Okupandolared <kan...@darkmail.mx> > wrote: > > > > does not exist, > > > > > > > > so I can copy /usr/bin/whoami to /var/www/usr/bin/whoami? > > > > > > > > that try "ls" and "/bin/ls" and "/var/www/bin/ls" > > > > > > > > and it does not work, > > > > "/bin/ls" exist > > > > "/var/www/bin/ls" exist > > > > > > > > thanks > > > > > > > > On 05/31/15 19:43, Zi Loff wrote: > > > > > On Sun, May 31, 2015 at 09:35:36PM -0500, Okupandolared wrote: > > > > >> -----BEGIN PGP SIGNED MESSAGE----- > > > > >> Hash: SHA256 > > > > >> > > > > >> I like received variables POST and send to KSH script. > > > > >> > > > > >> But it seems that in OpenBSD 5.6 and php-fpm. > > > > >> > > > > >> exec() and exec_shell() not working. > > > > >> > > > > >> Could anyone help me? > > > > >> > > > > >> This link explain in detail what I've tried. > > > > >> > > > > >> > http://serverfault.com/questions/695703/php-fpm-does-not-work-me-exec-or-shel l-exec > > > > >> > > > > >> thanks > > > > > > > > > > If the server is chrooted at "/var/www" then "/usr/bin/whoami" > (from the > > > > > server's point of view) actually means "/var/www/usr/bin/whoami" > (from > > > > > your point of view). Does that file exist? > > > > > > > > > > have you tried to copy /bin/sh to /var/www/bin/sh? > > > > Also, in a chrooted filesystem, every dynamically linked executable > needs access > > to ld.so and its shared libraries. Which means /var/www/usr/lib and > > /var/www/usr/libexec will need files populated -- every binary file > should be > > checked wiht ldd(1) to ensure required libraries are made available. > > shared libraries. Each program should > > that reminds me, i did a write up on chrooting programs here: > https://marc.info/?l=openbsd-misc&m=142676615612510&w=2 > > although it got into more, the basics of setting up a chroot jail are > there. > > i also have a script that adds a binary and its dependencies automatically. > i'll have to post it later, since i've actually been meaning to recently. > just have to make a few adjustments for portability.
