> You're suggesting that you would allow apache sudo access, correct? So
> wouldn't any user on your system then be able to create a script using
> sudo to gain root privileges? That would be bad, methinks.
snip
> Shouldn't there be a safer way? Some sort of configuration with which
> you could specify a particular script can run as root rather than the
> whole webserver.
maybe the actual setup would clear things up.
my apache runs as user webuser:
php code:
$flipit = "sudo /home/{$flipitDir}/flipit flip {$device} {$action}";
system($flipit, $retval);
visudo:
webuser ALL=(ALL) NOPASSWD: /home/flipit-0.3.6/flipit
mrb
--------------------
BYU Unix Users Group
http://uug.byu.edu/
The opinions expressed in this message are the responsibility of their
author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG.
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
