dtwvr26066 2018-01-20 16:30
浏览 71
已采纳

PHP - 关注通过网站运行bash脚本

I am working on a game panel and I building it in PHP and BASH. So, the web panel controls the game severs by running bash scripts when buttons are pressed. So far so good. My problems come when I need to run the bash scripts because the user running them needs sudo privileges or the scripts will have a an unexpected behavior:

  1. Should I create a new user and give it sudo privileges, then login to the server via SSH (through PHP)? If so how can I store the login credentials safely so if a hacker breaches my website he won't find them?

  2. Should I give www-data sudo privileges to the specific scripts? Is this a dangerous approach?

  3. Is there any better and more secure way to run bash scripts from a webpage?

I am a newbie PHP developer and my first project is a game panel running on Ubuntu server. Please have mercy. :)

  • 写回答

2条回答 默认 最新

  • doubailian4459 2018-01-20 16:58
    关注

    I wouldn't run any bash scripts directly from PHP, instead I would decouple the two by using a message queue.

    Have the PHP script send a message to an exchange and mark the action as "in progress". Then have a bash script run as a consumer for a queue that receives the message, process it and run the necessary script. Finally pass the message on to another queue which is consumed by PHP and update the action status as "completed" or "failed", depending on the outcome. This is not a synchronous process but it's the safer way to handle it.

    Suggested reading:

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 这种微信登录授权 谁可以做啊
  • ¥15 请问我该如何添加自己的数据去运行蚁群算法代码
  • ¥20 用HslCommunication 连接欧姆龙 plc有时会连接失败。报异常为“未知错误”
  • ¥15 网络设备配置与管理这个该怎么弄
  • ¥20 机器学习能否像多层线性模型一样处理嵌套数据
  • ¥20 西门子S7-Graph,S7-300,梯形图
  • ¥50 用易语言http 访问不了网页
  • ¥50 safari浏览器fetch提交数据后数据丢失问题
  • ¥15 matlab不知道怎么改,求解答!!
  • ¥15 永磁直线电机的电流环pi调不出来