how to make PHP lists all Linux Users?
صفحه اصلي

how to make PHP lists all Linux Users?

I want to build a php based site that (automate) some commands on my Ubuntu Server

first thing I did was going to the file (sudoers) and add the user www-data so I can execute php commands with root privileges!

# running the web apps with root power!!! www-data    ALL=(ALL) NOPASSWD: ALL 

then my PHP code was

<?php    $command = "cat /etc/passwd | cut -d\":\" -f1";    echo 'running the command: <b>'.$command."</b><br />";    echo exec($command); ?> 

it returns only one user (the last user) !!! how to make it return all users?

thank you

How do I benefit from argc and argv in C++, the standard way? [closed]


get an ioctl file descriptor for ethernet port
From the PHP manual on exec:. Resources for learning C, Unix, Linux and embedded systems [closed]
Return Values. Is it possible to wrap calls to statically linked 3rd party library? The last line from the result of the command. Is there STDCALL in Linux?If you need to execute a command and have all the data from the command passed directly back without any interference, use the passthru() function. howto check a network devices status in C? To receive the output of the executed command, be sure to set and use the output parameter.. Problems with system() calls in Linux
So you have to did any thing similar to this:. How do I use mqueue in a c program on a Linux based system?
<?php    $output = array();    $command = "cat /etc/passwd | cut -d\":\" -f1";    echo 'running the command: <b>'.$command."</b><br />";    exec($command, &$output);    echo implode("<br />\n", $output); ?> 


Like Matt S said, that's an incredibly bad idea to allow www-data root access on your server. The slightest compromise through your web applications could allow anyone full control of your system.. A better idea would be to make separate scripts for specific accessions then use SUID permissions. This means, a specific user (in this case, www-data) must make small changes to the system through the execution of scripts. Still not a good idea, though. You may be able to job around it with suPHP although security is still a major concern..


/etc/passwd is readable by anyone, so you should be able to execute your command without having any special rights (unless PHP prevents it?)..

90 out of 100 based on 55 user ratings 650 reviews