The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Having issues with PHP Exec

Discussion in 'General Discussion' started by ruuz, Aug 2, 2009.

  1. ruuz

    ruuz Member

    Joined:
    Aug 2, 2009
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Hello friends,

    I am having a serious headache with one command that I want to execute via PHP Exec.

    The scenario is that I have a gpg file that is encrypted by the sender.

    I want to decrypt it with this command.

    Code:
    gpg -d -o /home/username/public_html/data/output.zip /home/username/public_html/encrypted/input.zip.gpg
    Now both this directories have permissions set to 777

    The input file does exists at the given path. The output folder also exists.

    If I run the command via SSH in putty. Then it works nice and it does decrypts the file and gives me the output.zip

    Only problem is I can't run the same thing via PHP Exec.

    Hoping that someone will help me here. I have tried almost all ways that I knew :(

    Thanks.
     
  2. eth00

    eth00 Well-Known Member
    PartnerNOC

    Joined:
    Mar 30, 2003
    Messages:
    723
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    NC
    cPanel Access Level:
    Root Administrator
    You need to use permissions other then 777, that is going to cause it to fail. Try lowering the permissions to 755 and you should be fine. Since you run the commands as the user instead of nobody you don't need the full 777
     
  3. ruuz

    ruuz Member

    Joined:
    Aug 2, 2009
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Hmm :( It says there was a problem on line 136. Where it is trying to write the file.

    With 755 it is not working :(
     
  4. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    First off, I think you might be a little confused as you said "PHP SuExec" but that is very old and not used very much these days.

    It is more likely that you are running SuPHP which is quite different ...

    In either case, your mistake is following the script instructions incorrectly
    telling you to set files or folders to permission 777. The script author
    assumed in their instructions that you were running PHP insecurely as
    a DSO (Apache module) under the user "nobody" instead of as a CGI
    under phpSuExec or SuPHP.

    With either of these, you CANNOT have any
    file or folder set to permission 777 or 666 and you don't need it either!

    Under the old phpSuExec, you can set script permissions as tight as 750
    and the typical permission setting for most scripts is 755.

    Under SuPHP, you can set script permissions as tight as 400 and the
    typical permission setting is 644 or 640.

    Your web folders (directories) should be set to permission 755

    Use what I told you above and disregard the instructions of any script
    that tells you that you should set the permissions to 777. That is wrong!

    You would need to look at line #136 of your script file and see what is happening there.

    Some script authors stupidly check to see if a script is 777 instead of just checking to see if they
    are actually able to write to a file and if that is the call that is being made, you should bypass the code.

    In your GPG code example in your first post, you were using paths and system calls that may be restricted
    by the current settings of your PHP.INI file (Usually in /usr/local/lib). You may want to check your settings.

    NOTE: You also need to make sure that your script files are owed by the account owner and not user 'nobody'.
     
    #4 Spiral, Aug 2, 2009
    Last edited: Aug 2, 2009
  5. ruuz

    ruuz Member

    Joined:
    Aug 2, 2009
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    God :( Nothing works.

    Here is my php code to be exact.

    PHP:
    <?php
    $command 
    "gpg -d -o /home/username/public_html/data/output.zip /home/username/public_html/encrypted/input.zip.gpg";

    $a exec("$command");

    echo 
    "$command<br />";

    echo 
    "<pre>$a</pre>";
    ?>

    Checklist till now :
    Safe mode = CHECKED and it is OFF
    CHOWN & CHMOD = Tried all combinations.
    Folders = Tried all permissions.

    Do you think I am messing up with the command itself? somewhere?

    Thanks a lot for all your help :) I really appreciate it.
     
  6. ruuz

    ruuz Member

    Joined:
    Aug 2, 2009
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Tried more things.

    Some more info:

    I created the key from SSH as root.

    Gave the user "one" and password for that fingerprint

    I went into SSH and tried su - to other users.

    None works except root. When I am root I can decrypt the file.

    So does that means PHP cannot decrypt this file and only root user can decrypt it?

    Thanks a lot :)
     
Loading...

Share This Page