FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » PHP script to only be accessed by cron
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: PHP script to only be accessed by cron [message #175282 is a reply to message #175274] Wed, 31 August 2011 12:53 Go to previous messageGo to previous message
Peter H. Coffin is currently offline  Peter H. Coffin
Messages: 245
Registered: September 2010
Karma:
Senior Member
On Wed, 31 Aug 2011 02:14:58 -0700 (PDT), jwcarlton wrote:
>>> I'm writing a PHP script that I want to ONLY be accessed by a
>>> predefined cron. Can you guys suggest a way to prevent non-cron
>>> accesses?
>>
>> 1/. Write it in a proper language for this purpose, C, not php

Won't gain much relevant. Compilation isn't even obfuscation, much less
encryption. Run strings on a compiled c program sometime.

>> 2/. Check the id of the parent process: compare that with running
>> processes . If it ain't cron abort the program.

Marginal. Are you 100% sure, though, that cron will always spawn it
directly? On my host, it doesn't; cron spawns a process that sets up
the environment, which then spawns the actual command in the cron job
and accepts output for mailing back to the owning user, if any, then
exists itself.

----------------
#!/bin/ksh

echo "this process $$";
echo "parent process $PPID";
----------------

run by cron outputs

----------------
this process 20206
parent process 18169
----------------

while cron is pid 547:

$ ps aux | grep cron
----------------
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
----------------
root 547 0.0 0.0 632 868 ?? Is 22Jun11 0:13.07 cron

>> 3/. When you have it working, delete the source code.

So you can NEVER MAKE CHANGES AGAIN! (Okay, yes, you can keep a backup
elsewhere. Which makes it really easy to lose track of.)

>>> I wouldn't mind encoding the page, too, JUST in case I have a root
>>> breach (not expected, of course, but not impossible).
>>
>> That's the second reason to write it in C.
>>
>> Since I would
>>
>>> only need to encode one page, once, would it be reasonable to use the
>>> free trial of Zend Guard? Or would you guys suggest something
>>> different?
>>
>> Why not start with the right approach, instead of patching the wrong
>> approach?
>>
>> I like PHP. But its not the only language in town and this is where I
>> would definitely get out the C compiler
>
> I think you make an excellent point, NP. It's been awhile since I've
> messed with C and have forgotten more than I should, but I think
> you're right that it's the appropriate language.
>
> In retrospect, I don't know if I've EVER coded in C. I think I started
> in C++. Oh, well, it's not a big deal to go find a compiler and see
> what I remember :-) "Hello World", here I come! LOL

Best of luck to you. I hope you have the time to build the skills
necessary for the job in the time you've got. (:

> FWIW, Alvaro, I don't really have a problem, I'm just trying to
> prevent one before it has a chance to happen :-) I figure that it's
> better to tighten it up the best that I can in the beginning, instead
> of trying to come back to it later. I'm more or less just playing with
> this script right now, anyway.

Preventing problems is a good thing to do, but using the simplest method
to prevent the problem is the least likely to introduce other, shiny and
new problems that you haven't already thought of. Stick with simple:
secure the script written in a language you're already comfortable with
to a single user, have cron run it under that user id, be done with it.

--
When C++ is your hammer, everything looks like a thumb.
-- Steven M. Haflich
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: php help
Next Topic: Newbie: very basic jquery drag drop
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Nov 29 17:21:42 GMT 2024

Total time taken to generate the page: 0.32145 seconds