----- Original Message -----
From: "mario ohnewald" <[EMAIL PROTECTED]>
To: <debian-security@lists.debian.org>
Sent: Tuesday, September 02, 2003 3:53 AM
Subject: execute application from webinterface
> What is the securest way of starting a application, like ping, from a
> webinterface as a diffrent user.
> Lets say, to run ping 123.456.789.000 as user user123.
>
> If i use "system", it executes it as www-data.
>
> Any idea how i could solve this problem?
> With php, perl, bash, etc... ?
sudo can do this , and is probably universal across php/perl/bash/anything
that can execute system commands :)
first : visudo
then add : www-data ALL=(ALL) NOPASSWD: /bin/ping 123.456.789.000
save, and then from your web app, call system("sudo /bin/ping
123.456.789.000") !
regards,
wK (www.doubleukay.com)
