running exec

Support/Development for PHP
faris
Long Time Forum Regular
Long Time Forum Regular
Posts: 2321
Joined: Thu Dec 09, 2004 11:19 am

running exec

Unread post by faris »

I've recently set up a particular script and associated bits and bobs and eventually got it to work.

Then it hit me, hard, that it should NOT have worked. Or at least I don't think it should have.

I have a site running with php 5.6 (php-fpm mode)

In /httpdocs there's a file we'll call "file.fcgi" which has standard perms and owner (ftpuser) and contains :

Code: Select all

#!/bin/sh
exec /opt/directory/somefile_cgi
/opt/directory/somefile_cgi is actually a perl script and is world executable.

And as I say, it works. Accessing domain.tld/file.fcgi causes the perl script to run.

How is this possible? I realise the somefile_cgi is world executable. But how is ftpuser able to run "exec"?
Shell access is disabled for this user. I've checked /etc/passwd and the shell is /bin/false for the particular ftpuser.
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
prupert
Forum Regular
Forum Regular
Posts: 573
Joined: Tue Aug 01, 2006 2:45 pm
Location: Netherlands

Re: running exec

Unread post by prupert »

How is this possible? I realise the somefile_cgi is world executable. But how is ftpuser able to run "exec"?
Shell access is disabled for this user. I've checked /etc/passwd and the shell is /bin/false for the particular ftpuser.
This only prevents the user from being able to login to a shell. It does not forbid programs from running with the privileges of that user, if your system starts them.

You have configured your web server to start a program ("file.fcgi"), and it will run that program. This is what happens. If you want to prevent that from happening, just don't configure your web server to run this program! ;-)
Lemonbit Internet Dedicated Server Management
faris
Long Time Forum Regular
Long Time Forum Regular
Posts: 2321
Joined: Thu Dec 09, 2004 11:19 am

Re: running exec

Unread post by faris »

Are you saying disallow fcgi file processing?

I'd have to remove /etc/httpd/conf.d/mod_fcgid.conf.
Won't that break .... lots of things?
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
Post Reply