Ineffective blocking of php exec()

ah-blabla

New Member
Messages
375
Reaction score
7
Points
0
As we all know, the php function exec() isn't allowed on X10Hosting. However since shell scripts are allowed, it isn't particularly hard to get around this. Is this meant to be the case, since it's rather inconvenient to use a roundabout method to get the same result.

Just so that you know, here is how you can use an equivalent of php exec():
Shell script:
Code:
#!/bin/bash
echo "Content-type: text/plain"
echo ""
$1
(Note to anyone who actually wants to use this -- assuming that the admins don't block this method: make sure you secure it, ideally with both ip check and with password file. That is what I'm currently adding in.)
To run a program in the directory you just need to call the shell script as such:
http://address.of/script.sh?command to run
this runs 'command to run'
To use this in php you can use this function:
PHP:
function execute($name) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, "http://adress.to/script.sh?".$name);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $output = curl_exec($ch);
        curl_close($ch);
        return($output);
}
The function returns the program output as a string.
(It would actually be possible to write a full replacement of php exec() if one wanted to. If override_function were available it would be enough to use that at the start of the main php file to make all other code work without modifications.)
 
Last edited:

Anna

I am just me
Staff member
Messages
11,733
Reaction score
578
Points
113
Having a shell script would get your account suspended as far as I know.
 

ah-blabla

New Member
Messages
375
Reaction score
7
Points
0
The terms of service don't state that there's anything wrong with running shell scripts: they only have to be related to your site (and this one would be assuming you need to execute a program from php as part of your site, e.g for backup from php etc.). And more importantly, shell scripts aren't blocked. (I don't actually use the methd I outlined in the first post BTW, I only tested it to prove that this is possible.)
 
Last edited:

batman1

New Member
Messages
92
Reaction score
0
Points
0
I guest you are suggesting that the remove the shell block. Well I don't think they will do that for many reasons: security I believe is one.
 

descalzo

Grim Squeaker
Community Support
Messages
9,373
Reaction score
326
Points
83
Look at the questions posted on these forums.
How many are by people who use a CMS and they have no idea how it works?
They throw in plug-ins and modules from anywhere they find on the Net.
They have memory or other usage problems because the authors of the add ons are sloppy coders.
What if the authors of the add ons are malicious or just use exec() incompetently?

If there is a way around the blocking of exec(), the user has to do it themself. He has to know some programming. He gets blamed for any problem, he cannot pass it off on the author of a plugin or script.

If you want more direct power, program in perl.
 
Last edited:

ah-blabla

New Member
Messages
375
Reaction score
7
Points
0
Look at the questions posted on these forums.
How many are by people who use a CMS and they have no idea how it works?
They throw in plug-ins and modules from anywhere they find on the Net.
They have memory or other usage problems because the authors of the add ons are sloppy coders.
What if the authors of the add ons are malicious or just use exec() incompetently?

If there is a way around the blocking of exec(), the user has to do it themself. He has to know some programming. He gets blamed for any problem, he cannot pass it off on the author of a plugin or script.

If you want more direct power, program in perl.
I was thinking slightly along those lines, but on the other hand, if a user does something bad to their data by accident/stupidity, it is, in the end, their fault. They should be allowed to make mistakes and learn from them. You can be just as malicious to the user's data through this method as through exec: a malicious add on author could include the shell script as a string in a php file, and then write it into a new file to allow it to run if exec() doesn't exist, so that protection also isn't offered, and the main thing you would do from exec, i.e. modify data, you can do from php. Allowing a user ftp access is just as dangerous, they can delete their data in the same way.

(And btw, exec() should affect general server security as little as my method since both should run the program with the same rights as the php script, i.e. the rights of the user whose webspace the php script is on, so only the webspace of the user can be affected. Technically other user's webspace could be attacked if they use incorrect file permissions, but that can be done just as well in php, since it also has filesystem access.)
 
Top