dtwvr26066 2018-01-20 16:30
浏览 71
已采纳

PHP - 关注通过网站运行bash脚本

I am working on a game panel and I building it in PHP and BASH. So, the web panel controls the game severs by running bash scripts when buttons are pressed. So far so good. My problems come when I need to run the bash scripts because the user running them needs sudo privileges or the scripts will have a an unexpected behavior:

  1. Should I create a new user and give it sudo privileges, then login to the server via SSH (through PHP)? If so how can I store the login credentials safely so if a hacker breaches my website he won't find them?

  2. Should I give www-data sudo privileges to the specific scripts? Is this a dangerous approach?

  3. Is there any better and more secure way to run bash scripts from a webpage?

I am a newbie PHP developer and my first project is a game panel running on Ubuntu server. Please have mercy. :)

  • 写回答

2条回答 默认 最新

  • doubailian4459 2018-01-20 16:58
    关注

    I wouldn't run any bash scripts directly from PHP, instead I would decouple the two by using a message queue.

    Have the PHP script send a message to an exchange and mark the action as "in progress". Then have a bash script run as a consumer for a queue that receives the message, process it and run the necessary script. Finally pass the message on to another queue which is consumed by PHP and update the action status as "completed" or "failed", depending on the outcome. This is not a synchronous process but it's the safer way to handle it.

    Suggested reading:

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 elasticsearch
  • ¥30 python ttk 获取下拉框问题
  • ¥15 uniapp的uni-datetime-picker组件在ios端不适配
  • ¥15 前端 uniapp App端在离线状态如何使用modbus 连接手机蓝牙进行读写操控机器?
  • ¥15 SQL语句根据字段自动生成行
  • ¥500 “掌声响起来”软件(不确定性人工智能)
  • ¥500 我要找大模型一体机产品手册和应用案例
  • ¥20 关于游戏c++语言代码问题
  • ¥15 如何制作永久二维码,最好是微信也可以扫开的。(相关搜索:管理系统)
  • ¥15 delphi indy cookie 有效期