Folkmann

Reputation: 6341

PHP and shell, user access stuff

I want PHP to be able to create a folder in a folder where it does not have access. The created folder should in the end be owned by the user virtual and the group virtual.

I have tried adding the following to visudo.

virtual  ALL=(ALL) NOPASSWD: /var/mail/virtual
_www ALL=(ALL) NOPASSWD: /var/mail/virtual

With that, I try the following command from PHP with exec():

sudo -u virtual mkdir /var/mail/virtual/test.com

The command works when executed through a terminal, but not when called through php.

Anyone able to tell me where I went wrong?

The server is running Ubuntu 14.04 LTS

Upvotes: 0

Views: 50

Answers (2)

user149341

There are a number of things going wrong here.

  1. Entries in /etc/sudoers specify commands that can be run, not directories that can be accessed.

  2. There is generally no _www user on Ubuntu systems. That username is an artifact of Mac OS X.

  3. The first user in the command line is the user that is being allowed to invoke sudo, not the user that they can run the command as.

A more appropriate solution here would be:

www-data ALL = (virtual) mkdir /var/mail/virtual/*

There are still some subtle vulnerabilities in this command specification (it's possible to escape /var/mail/virtual and create directories in other locations where virtual has permissions), but it's much more secure than what you've come up with.

Upvotes: 1

Folkmann

Reputation: 6341

I made it work, somehow.

Changed the visudo to

www-data ALL=(ALL) NOPASSWD: /var/mail/virtual, /var/mail/virtual/dir.sh

Placed the script dir.sh in the folder and changed the command in the PHP part to

sudo /var/mail/virtual/dir.sh $dir

Upvotes: 1
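The two answers above leave two gaps a practitioner would want closed. The first answer's rule `mkdir /var/mail/virtual/*` is escapable because, as sudoers(5) documents, a `*` in a command argument also matches `/`, so `sudo -u virtual mkdir /var/mail/virtual/../../tmp/x` satisfies the rule. The second answer's wrapper is passed `$dir` straight from PHP, so whatever the web application accepts ends up as a root-run argument. The script below is an added example, not the poster's dir.sh and not part of either answer: it pins the base directory and the owner inside the script, accepts only a bare hostname-like name (no `/`, no `.`/`..`, no leading `-`), and does the chown itself because the wrapper runs as root under sudo. The base path `/var/mail/virtual`, the owner `virtual:virtual`, the sudoers line and the PHP call shown in the comments are assumptions about the poster's setup; calling sudo with `-n` makes a missing NOPASSWD tag fail immediately instead of hanging on a password prompt inside exec().

```shell
#!/bin/sh
# Hardened replacement for the dir.sh wrapper (added example, not the poster's script).
# Assumed sudoers entry:      www-data ALL=(root) NOPASSWD: /var/mail/virtual/dir.sh
# Assumed call from PHP:      exec('sudo -n /var/mail/virtual/dir.sh ' . escapeshellarg($dir));
# PHP controls a bare directory name only; the base path and owner are fixed here,
# so there is no path component for the caller to escape with.

VMAIL_BASE="${VMAIL_BASE:-/var/mail/virtual}"   # assumed: where per-domain dirs live
VMAIL_OWNER="${VMAIL_OWNER:-virtual:virtual}"   # assumed: final owner:group

# validate_name NAME -> 0 if NAME is a safe, bare hostname-like label, 1 otherwise.
# Rejects: empty, anything containing '/', leading '-' (would be parsed as an
# option), the names '.' and '..', any character outside [A-Za-z0-9.-], >253 chars.
validate_name() {
    name=$1
    [ -n "$name" ] || return 1
    case $name in
        */*|-*|.|..) return 1 ;;
    esac
    case $name in
        *[!A-Za-z0-9.-]*) return 1 ;;
    esac
    [ "${#name}" -le 253 ] || return 1
    return 0
}

# create_vdir BASE NAME -> creates BASE/NAME (no -p: BASE must already exist),
# chowns it to VMAIL_OWNER when running as root, prints the resulting path.
# Returns 1 on a rejected name, 2 if mkdir fails (including "already exists"),
# 3 if chown fails.
create_vdir() {
    base=$1
    name=$2
    validate_name "$name" || { echo "refusing unsafe directory name" >&2; return 1; }
    target="$base/$name"
    mkdir -- "$target" || return 2
    if [ "$(id -u)" -eq 0 ]; then
        chown "$VMAIL_OWNER" "$target" || return 3   # only meaningful under sudo
    fi
    chmod 0750 "$target"
    printf '%s\n' "$target"
}

# Script entry point, only when invoked as dir.sh (e.g. sudo -n /var/mail/virtual/dir.sh example.com);
# sourcing the file for tests skips this block.
if [ "${0##*/}" = "dir.sh" ]; then
    [ $# -eq 1 ] || { echo "usage: $0 NAME" >&2; exit 64; }
    create_vdir "$VMAIL_BASE" "$1"
fi
```

Because the sudoers rule now names a script with no wildcard, sudo's argument matching no longer decides what is safe; the script does, and it does so on the root side of the privilege boundary, so a bug in the PHP input handling cannot widen what gets created.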
