Re: How to generate script with Apache and run it by root avoiding to "kill" security

On Thu, Jul 26, 2007 at 11:18:43AM -0400, Guillermo Garron wrote:
Hi List,

I am creating a PHP small program that will interact with MySQL and
will have the policies for the people in my office, i.e.:
Who can or can not access MSN messenger
Who can or can not access WWW

etc. once this is stored, a shell script with the iptables rules
should be created, and then run.

I do not want to run it with Apache, so I was thinking on creating a
CRON job that will run it as root once every n minutes, but the issue
i see here, is that if somebody "break" my Apache security he will be
able to create any script he likes and my CRON will run it, killing my
server security.

any better ideas about how can I achieve my goal?

I don't see how you could possibly create a publicly available
interface to change something as fundamental as your firewall and have
it _not_ be a security risk.

maybe you could create a user that only has permissions to run one
script and that one script is only allowed to change your firewall
rules in specific ways, but even so I think you're asking for trouble.

and take that all with appropriate salt as I am no security expert, it
just seems kind of obvious to me...


Attachment: signature.asc
Description: Digital signature