Reputation: 9504
Changing user system passwords with a PHP script
So I have a PHP script that needs to change a Linux user password programatically.
The script is running as www-data (which is the username given to apache2). I execute chpasswd with popen, and then fwrite the username:password pair. This causes an error.
Dropping down to a bash shell, I try to see what's going on here. Naturally, I suspect it's some kind of permissions issue. So, I change users to www-data and try to execute chpasswd manually:
# su www-data
$ /usr/sbin/chpasswd
jsmith:mysecretpassword
Changing password for jsmith.
chpasswd: (user jsmith) pam_chauthtok() failed, error:
Authentication token manipulation error
chpasswd: (line 1, user jsmith) password not changed
So this reveals why PHP is unable to execute the command. The error message is not exactly straightforward, but I suppose the gist of it is that a PAM authentication problem occurred (which I assume basically means a Linux permissions problem). So, if I su to root, I'm successfully able to change the password via chpasswd.
So obviously the problem here is that apache2 (user www-data) doesn't have sudo privileges. Is the only solution here to add www-data to the sudo group? Because I'd rather not do that. But I don't see any other option here.
More generally speaking - apart from the specifics of this situation - how is it even theoretically possible for a web program that might need to change user passwords to be able to do so without having sudo privileges? But if the web program has sudo privileges, then isn't that a major security problem?
Upvotes: 0
Views: 847
Answers (2)
Reputation: 1828
Look into this and this. The second alternative, even though they have a "security" section at the bottom with suggestions, doesn't seem safe to me, but it's just a feeling.
I'd go for web-chpass.
Upvotes: 0
Reputation: 1099
I would likely setup a queuing system that runs as root and have the php script add to the queue instead of having PHP have access to any privilege escalation. This will also close some security holes although having web interface to changing linux user passwords still sounds like a bad idea.
Upvotes: 1
Related Questions
- Using shell_exec('passwd') to change a user's password
- Change Password in PHP
- Php script to change Ubuntu user password
- PHP: change password
- Command line script to create user passwd
- change password function
- passwd command to change the linux pc's password through php script shows permission denied
- Changing password of Unix remote server through PHP SSH
- Change Linux User password from PHP script
- PHP/PAM to change user password?