I have a โsimpleโ question: how can I safely change the user password from a PHP script without granting Apache administrator privileges or not introducing other crazy security holes?
Background: CentOS 6, Apache 2.2.13, PHP 5.3.3
I am aware of the pam_chpasswd () command, which is part of the PECL PAM library. However, this function fails if the host process (httpd) does not have access to the / etc / shadow file. (BAD IDEA! Do not know how this library helps if it requires such high privileges ...)
The ideal situation, as far as I see, is for PHP to call the shell script with 'sudo -u [username of the user changing the password] This will lead the user to the script "AS", so he must have permission to change his own password. And sudo will require the user to send their existing password in order to authenticate, thereby preventing one user from changing the password of another user.
But this does not work for some reason ... when opening a process with popen, the process never runs. I have a shell script installed to upload some text to a public file in / tmp. But it never comes to that.
$cmd = "/usr/bin/sudo -S -u$username /file_to_execute.sh"; $handle = popen ($cmd, "w"); // Open the process for writing fwrite ($handle, "$current_password\n"); // Send the user current password to sudo (-S option) fwrite .... (write the username, current password, and new password, so the script can change it) $result = pclose($handle);
If I access this php script (http: //server/script.php), the function immediately fails, and $ result = 1
If I modify the sudoers (visudo) file and add the line:
$ Default: apache! requiretty
script freezes for about 10 seconds, then crash ($ result = 1)
Any suggestions for this are greatly appreciated!