I am trying to bind and listen to a privilege port however I keep receiving this message "Permission denied"
Here are the things I have tried to do:
chgrp www-data file.php
chmod 770 file.php
Gave the file the correct permissions to execute and still nothing
setcap cap_net_bind_service=+ep file.php
Did not work, probably because it is not a executable file...
posix_setuid(0)
Gave my script root privileges however it did not change the user id for the script. It remained the same.
分享 You have a misunderstanding regarding file permissions and the permissions required to execute, in this case bind to a port number lower than 1024.
File permissions only deal with who can read and write to the file. I.e. when you do:
chmod 770 file.php
You are allowing file.php to rw by owner and group, but no access for users outside the group.
What you need is a privileged user to execute the file (root in this case since that is the only account able to bind to privileged ports). However letting PHP anywhere near root is a security risk (outside the scope of this question to elaborate). Since you require root your best bet is allowing the standard (unprivileged) user that runs your web-server obtain a shell with root permissions only when needed. Then trigger your script in this priviliged shell.
Here is a project that allows PHP to obtain and interact with a real Bash shell as root. Get it here: https://github.com/merlinthemagic/MTS
After downloading you would simply use the following code:
$shell = \MTS\Factories::getDevices()->getLocalHost()->getShell('bash', true);
$return1 = $shell->exeCmd('php /full/path/to/file.php');