Home/ Questions/Q 4607198
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T00:40:10+00:00

I need to change the user of a PHP script at runtime. I’ve looked

  • 0

I need to change the user of a PHP script at runtime. I’ve looked at posix_setuid, but it looks unsecure and requires root privaledges. What would be preferable is changing the user id of the script with the users password (something like posix_setuid($username, $password)), and avoiding running the script as root.

I’m open to other methods, and the script doesn’t necessarily need to be PHP. However, it is going to be called from apache.

A good anology to the scenario would be how cPanel su’s to the currently logged in user on it’s file manager.

I need to change the user because I’m creating a file manager for a multi-user setup. Currently, I have the file manager set up so that apache serves my PHP file manager as root. However, this is not reasonable, because in case of a security bug in the code, one user can edit files on the entire server.

I’m looking for a way to SU the script to the logged in user so that in case of a security flaw, the user is only restricted to their own files.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I needed to do this a while ago. I basically created a bash script which accessed resources that only root had access to. Here’s what I did:

    Use the visudo command to change your /etc/sudoers:

    ## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
apache ALL= NOPASSWD: /sbin/myscript.sh

    I have added the line which allows the apache user to run /sbin/myscript.sh with the sudo command without entering the password.

    After that, you can just put the following in your php file to get the output:

    $output = shell_exec("sudo /sbin/myscript.sh");
    • 0