php - LAMP security - www-data sudoer -

-

I'm looking for a way to run some command line functions, including some pseudo commands, I reboot. I understand that giving poodo access to www data data is a security risk. Most people say that for writing a file and cron runs it every minute raises the commands.

But when I reboot, I want to reboot it.

This is the raspberry pie with some recording software, which will be controlled using web interfaces (like webmin , all routers?). Raspberry PE will sit clearly on a local network with access to download / upload information on the Internet, Raspberry Pi will have a username and password to access the web interface.

Is not it how your router works? Router's web interface basically has root access and in most cases you can set a bass script to run, of course, that I am trying to get it with Raspberry P.

Raspberry P is safe in the form of web interface, ssh log is disabled (but only log through enabled key) I www-data Can I use sudo commands?

Okay? Or can there be any problem?

You may consider running another webserver process which is available only from the local host and root PHP runs as this server will need a script such as reboot again. The user-facing web server will then use the cURL (or hopper) to access other servers.

If your user-facing server is compromised, an attacker can clearly reboot your server, but will not have access to your full file system.


Comments

Post a Comment

Popular posts from this blog

import - Python ImportError: No module named wmi -

-
I followed the instructions for downloading WMI for Python When I try to run the code for C.Win32_Service (StartMode = "Auto", state = "Stopped") import wmi c = wmi.WMI (): if Raw_input ("restart% s?"% S.Caption) .upper () == "Y": s.StartService () I got the error traceback (most recent call end): file ". \", Line 1, edit: I am using Python 2.7.6 EDIT2: I am running 64-bit Windows 2008 R2, and I've downloaded WMI-1.4.9.zip (md5). I removed the content and put it in D: Python \ Tools \ Scripts I executed dragon setup.py.install I said D : \ Python \ tools \ scripts to% PATH% and when I execute the code for C.Win32_Service (StartMode = "Auto", state = "Stopped") import wmi c = Wmi.WMI (): If raw_input ("Restart% s?"% S. Caption). () == "Y": s.StartService () error me Gets traceback (most recent call final): File ". See \", line 1, & lt; Modu...
Read more

Editing Python Class in Shell and SQLAlchemy -

-
I am working on the terminal on a shell script after this tutorial SQLAlchemy tutorial. I need to type gt; & Gt; & Gt; Sqlalchemy import column, integer, string & gt; & Gt; & Gt; Class user (base): __tablename__ = 'users' id = column (integer, primary_key = true) name = column (string) absolute name = column (string) password = column (string) def __repr __ (self): return "& lt ; User (name = '% s', absolute name = '% s', password = '% s') & gt; "% (Self.name, self.fullname, self.password) After the problem I have typed the password = column (string) I hit twice and changed .... >> I then took everything back but then an error was thrown because the class already exists ... I am not completely sure how to fix it. How do I open that slip in the shell script and edit it (Add DF to DRR) The error thrown below: / user / giripeters / TFSQLLX / Lib / python2.7 / site-packages / sqlalchemy / ext / decla...
Read more

lua - HowTo create a fuel bar -

-
I would like to create a fuel bar (empty with full tank). When the user touches the screen, the fuel once Dairejh these is my code: lifeBar = display.newImage ( "fuel_bar1.png") lifeBar.anchorX = 0 lifeboats. ======================== Lifetime Y = 37 screens Group: The Insert function (called Laifbar) However, I fuel Kansmoshn (equivalent to "pressed" variable to reduce the fuel tank "true") Have used. When pressed == is true, it means that the user is touching the screen: processed (fuel) processed () if life & gt; 0 and pressed == true remains = life - life 1 Life = life =. Wide-1 remains Value.text = string.format ("% d", life) End of this This function is active as the entrance event: runtime: addEventListener ( "Antrfrem" fuel Snsadna) it is very well, but my question is: pressed variable each time 5 seconds (once = = True) How is it possible to reduce the vitality width? I tried to add it to my touch even...
Read more