[sudo-users] Calling sudo from PHP script under Apache httpd
Todd C. Miller
Todd.Miller at sudo.ws
Thu Feb 11 10:18:15 MST 2021
On Thu, 11 Feb 2021 19:04:13 +0200, Dima Goncharuck wrote:
> Feb 11 18:52:08 sudo[5079] set_perms: PERM_INITIAL: ruid: 10001, euid: 0, sui
> d: 0, rgid: 10001, egid: 10001, sgid: 10001
> Feb 11 18:52:08 sudo[5079] -> set_callbacks @ ./sudoers.c:1584
> Feb 11 18:52:08 sudo[5079] <- set_callbacks @ ./sudoers.c:1635
> Feb 11 18:52:08 sudo[5079] -> set_runaspw @ ./sudoers.c:1304
> Feb 11 18:52:08 sudo[5079] <- set_runaspw @ ./sudoers.c:1327 := true
> Feb 11 18:52:08 sudo[5079] <- init_vars @ ./sudoers.c:878 := true
> Feb 11 18:52:08 sudo[5079] set_perms: PERM_ROOT: uid: [10001, 0, 0] -> [0, 0,
> 0]
> Feb 11 18:52:08 sudo[5079] PERM_ROOT: setresuid(0, -1, -1): Operation not per
> mitted @ set_perms() ./set_perms.c:361
> Feb 11 18:52:08 sudo[5079] <- sudoers_init @ ./sudoers.c:193 := -1
Clearly something is preventing sudo from changing uids. With an
effective uid of 0 this should not fail. If apache/php runs in its
own namespace that might affect things.
- todd
More information about the sudo-users
mailing list