php - PHP cannot execute local programs when accessed through a browser
问题描述
I am a bit new to PHP and web development in general, and I am trying to execute a program from php. I setup my virtual machine and hosted it properly, but when the website attempts to load the page, it says that the program could not be executed: "permission denied." I tried everything including:
- Adding execute permissions to every file in /var/www/html
- setfacl -m u:apache:rwx /var/www/
- chown -R apache:apache /var/www/
Further context:
- I am on fedora linux
heres index.php:
<html>
<body> <p>
<?php
exec("whoami && ./program 2>&1", $out);
foreach ($out as $element) {
echo $element;
echo "<br>";
}
?>
</p>
</body>
</html>
When I run it from a browser, this is the output:
[fedora@fedora html]$ curl localhost
<html>
<body>
<p>
apache<br>sh: ./program: Permission denied<br></p>
</body>
</html>
Most tips on the internet tell you to make sure user 'apache' has permission to execute the file. I have done that and verified by doing the following commands.
[fedora@fedora html]$ sudo -u apache bash
bash-5.0$ ls -la
total 48
drwxrwxrwx. 2 apache apache 4096 Oct 25 11:22 .
drwxrwxrwx+ 4 apache apache 4096 Oct 25 09:51 ..
-rw-rw-rw-. 1 apache apache 158 Oct 25 11:04 index.php
-rwxrwxrwx+ 1 apache apache 20648 Oct 25 10:02 program
-rwxr-xr-x. 1 apache apache 23 Oct 25 10:57 p.sh
bash-5.0$ ./program
test
test
test
test
test
test
test
test
test
bash-5.0$ php index.php
<html>
<body>
<p>
apache<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br></p>
</body>
</html>
bash-5.0$
I sudoed into the apache user and was able to read every file in the directory and execute them via the shell. After that, I ran php index.php, and it executed the script perfectly with the exepcted output.
I am at a complete loss for why it can't execute this script in the browser, any help would be much appreciated!
Edit: I checked my php.ini file and there are no disabled functions
...
disable_functions =
...
解决方案
我检查了我的 SELinux 配置,但脚本没有设置正确的权限。当它们需要为 httpd_sys_script_exec_t 时,它们被设置为 httpd_sys_content_t。
简单的解决方法是:
chcon -R -t httpd_sys_script_exec_t program
推荐阅读
- javascript - 如何将活动类设置为变量 - React
- azure-data-factory - 从映射数据流读取时,JSON 中的十进制数被截断
- r - 如何根据另一个 col 的摘要构建变量
- activemq - JBoss 7 Embedded ActiveMQ - MDB 消息侦听器不工作
- apache-spark - 无法解析主 URL:AWS EMR 上的“纱线”
- arrays - Vue 在深度数组中显示更多
- javascript - JavaScript 加一元运算符返回 NaN
- android - 为什么我的应用在 ImageView 中没有显示下载的图像,在 Button 中没有显示下载的文本?
- postgresql - PostgreSQL 11 中的并发更新
- arrays - 数组 React Native 上的多个映射