Giving Apache sudo access
Luke -Jr
luke at dashjr.org
Tue Mar 20 16:28:29 CDT 2007
On Tuesday 20 March 2007 13:12, Kyle Sexton wrote:
> Have you looked at apache suEXEC support? More info at:
suEXEC has the same problems as suid. In particular, all the code runs with
elevated privileges, not just the few bits that need it.
> Not sure if this is what you want, but using /etc/sudoers strikes me as
> odd. :)
sudo is (AFAIK) the only way to allow only a single command.
I wrote a sudo PHP library myself that uses HTTP authentication to execute
specific commands, that I intend to develop into a nice general web interface
someday.
Note that changing ownership/permissions on ttyS0 itself will allow Apache to
do anything it wants with it. This is unsuitable if you only want to allow a
single operation (eg, if it's a serial console).
More information about the Kclug
mailing list