Re: web-gui for scripts
On 18.10.2013 15:35, Pol Hallen wrote:
> Howdy :-)
>
> I searching for what is the way to create a gui interface for my scripts
> ("security web-gui").
>
> So, a script could be something like this (execute by root user):
>
> #!/bin/bash
> # pr.sh
> /etc/postfix reload
>
> So, I must create a gui do "reload postfix service"
/bin/sh will be a little less load on the system, not that it matters.
I would put the script in /usr/local/sbin or something like that, owned
by root and not writable by anyone else. Then add a line in
/etc/sudoers that allows www-data to run just that script and without
any options.
%www-data ALL=(ALL) NOPASSWD: /usr/local/sbin/postfix_reloader ""
The "" is important because it disallows any other parameters, not that
your script should use them.
> I can write a php script like this:
>
> <?php
> $output = shell_exec('/root/bin/.pr.sh');
> echo "<pre>$output</pre>";
> ?>
>
> But I'm afraid about security issue I've also ssl on apache web.
>
> What is the best way to create a "web security gui"? Using post/put
> apache commands? using php code?
>
> Thanks for help!
The easiest thing is to make sure there no user-submitted data can be
passed on to the system and no system output can be passed on directly
to the user. Use if-then statements, case statements, and even
scrubbing via regex if it is necessary to pass data. Also, if these are
maintenance scripts, you might want to put them behind TLS and a password
http://httpd.apache.org/docs/2.2/howto/auth.html
Ignore guides that tell you to put authentication in .htpassword. That
advice is for people without access to the web server's configuration file.
Regards,
/Lars
Reply to: