<p><em>Read this whole post before trying it out, there are choices to be made.</em></p>
<hr>
<h2>Solution using a binary wrapper (with suid bit)</h2>
<p><strong>1)</strong> Create a script (preferably <code>.sh</code>) that contains what you want to be run as root.</p>
<pre class="lang-none prettyprint-override"><code># cat &gt; php_shell.sh &lt;&lt;CONTENT
#!/bin/sh
/sbin/service sshd restart
CONTENT
</code></pre>
<p><strong>2)</strong> This file should be owned by root, and since it will later run with root permissions, make sure that only root has permission to write to the file.</p>
<pre class="lang-none prettyprint-override"><code># chown root php_shell.sh
# chmod u=rwx,go=xr php_shell.sh
</code></pre>
<p><strong>3)</strong> To run the script as root no matter which user executes it, we will need a binary wrapper. Create one that will execute our <code>php_shell.sh</code>.</p>
<pre class="lang-none prettyprint-override"><code># cat &gt; wrapper.c &lt;&lt;CONTENT
#include &lt;stdlib.h&gt;
#include &lt;sys/types.h&gt;
#include &lt;unistd.h&gt;

int
main (int argc, char *argv[])
{
  setuid (0);

  /* WARNING: Only use an absolute path to the script to execute,
   *          a malicious user might fool the binary and execute
   *          arbitrary commands if not.
   * */

  system ("/bin/sh /path/to/php_shell.sh");

  return 0;
}
CONTENT
</code></pre>
<p><strong>4)</strong> Compile and set proper permissions, including the suid bit (saying that it should run with root privileges):</p>
<pre class="lang-none prettyprint-override"><code># gcc wrapper.c -o php_root
# chown root php_root
# chmod u=rwx,go=xr,+s php_root
</code></pre>
<p><code>php_root</code> will now run with root permissions, and execute the commands specified in <code>php_root.sh</code>.</p>
<hr>
<p>If you don't need the option to easily change which commands will be executed, I'd recommend that you write the commands directly in <code>wrapper.c</code> under step <strong>4</strong>. Then you don't need to have a binary executing an external script executing the commands in question.</p>
<p>In <code>wrapper.c</code>, use <code>system ("your shell command here");</code> to specify what commands you'd like to execute.</p>
 
