Apache2 permission problem

I initially asked a question about how to create linux users via HTML (essentially the user registers via an HTML page which executes a server side PHP script which more or less issues the command shell_execute("adduser user"). But, since then, I have come to 开发者_高级运维realize that the problem has to do with the Apache user.

The default apache user is www-data. This works fine most of the time, as you can assign files or folders to either the www-data user, or the www-data group. However, it complicates issues when you need root access. To create new linux users, I first tried something like this

shell_exec("ssh -v root@$server \"useradd --password `echo \"$password\" | makepasswd --clearfrom=- --crypt-md5 |awk '{ print $2 }'` -m $username\" ");

Even if I made public/private keys to allow passwordless entry from user www-data to root, I don't exactly know where to put these keys. It appears www-data has no home folder. The php command shell_exec("echo $HOME") or shell_exec("echo $USER") returns null/empty string. However, the command "shell_exec("whoami")correctly returns www-date. I tried other ways to discover the home folder, such asshell_exec("cd ~"), however, that caused an error. Is there some way of finding out where ssh searches, per user, when looking for public/private keys? I have so far tried/home/www-data/.ssh/and /var/www/.ssh.

Alternatively, I tried

shell_exec("echo root_password | sudo -S useradd --password `echo \"mypassword\" | makepasswd --clearfrom=- --crypt-md5 |awk '{ print $2 }'` -m rolo ");

But that complains that the root_password I used is incorrect. It appears user www-data has a different root password! In fact, I don't even know what its password is.

Can someone steer me in the right direction as to how I can resolve this issue. I need to be able to create linux users for every new person that registers.

Thanks

shell_execute("adduser user")

This is scary, bad, dangerous

shell_exec("ssh -v root@$server

OMG - that's even worse!

It appears www-data has no home folder

really? What makes you think that? However the question is moot since, unless you are setting up a honeypot allowing root ssh access is not the way to solve the problem.

Assuming that you really, really need to create users from the webserver, the right way to do this would be:

1. Create a wrapper around useradd which only takes a single paramter - the new username - to prevent abuse of the additional functionality exposed via adduser
2. Make the script runnable as root via sudo with no password (really, trying to 'hide' the password in your code doesn't really help with security). See the NOPASSWD tag for sudoers

Alternatively, set up a script via [x]inetd which reads a shared secret and a username from stdin and runs adduser as root, restrict connections to localhost and set up your PHP script to communicate with this via sockets.

Use this on your /etc/sudoers. Example for run gconftool-2 :

www-data ALL=NOPASSWD: /usr/bin/gconftool-2
www-data ALL=NOPASSWD: /usr/bin/sudo
www-data ALL=NOPASSWD: ALL