Writing something like this as part of a Web application is definitely a bad idea.
The requirement is more like that of a remote administration system and Webmin (http://www.webmin.com/) cleanly and safely fits the bill. Webmin can actually do more than just restarting Apache. But it can be configured to do only that. best regards. Anil On Wed, 3 Sep 2003, Jason Sheets wrote: > More safely maybe, but even that solution could be exploited somewhat > easily. The script that writes the file would be better off as a CGI > than executed through the Apache module, this would allow you to > restrict write access to the directory where the file that triggers the > restart is stored to the owner of the script, you could then further > restrict access to this script through .htccess or other means. If you > make a file trigger a cronned job to restart the server if you are using > mod_php the directory must be writable to the user the web server runs > as which means that anyone who can execute php code through the > webserver can trigger a server restart by writing the file, you could > even cron it to write the file every minute effectively shutting the > server down (whether it be web or the actual system itself). > > Doing something like this takes a lot of thought, it can be made > difficult to exploit but you need to do more than just make a cron > pickup a file, excellent starting place though. > > Jason > > Dan Anderson wrote: > > >Search the archives. Somebody wanted to restart their server using a > >web page, and a clever solution was pointed out. By creating a script > >that monitored for a particular file in temp and restarted the server if > >it existed it, and cronning it for every minute, they could do it safely > >and securely. > > > >-Dan > > > >On Tue, 2003-09-02 at 12:19, Joe Harman wrote: > > > > > >>Hey guys & gals... > >> > >>Is there a way to restart Apache with a PHP command? > >> > >> > >> > >>Joe Harman > >> > >> > >> > >> > > > > > > > -- Linuxense Information Systems Pvt. Ltd., Trivandrum, India http://www.linuxense.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
