I have a PHP code, that list files and folders, using
shell_exec("sudo ls /home/user");
(www-data has sudo NOPASSWD access to ls. )
Now I need to read the file, where there is no guarantee, that the file has permissions for reading using www-data. I don't want to set permissions to 777. How can I do that?
Having a directory with three files as an example, …
-rw------- 1 root root 9 Apr 29 15:35 bar
-rw-rw-r-- 1 www-data www-data 395 Apr 29 15:41 cat.php
-rw------- 1 www-data www-data 9 Apr 29 15:35 foo
…, a example cat.php could have the following output – which contains the php-skript itself for ovious reasons:
ERROR: cannot read file "bar"
echoing contents of file "cat.php":
---
<?php
$filenames = [];
exec('sudo ls -1 .', $filenames);
foreach($filenames as $filename) {
if (!is_readable($filename)) {
echo 'ERROR: cannot read file "' . $filename . '"' . PHP_EOL . PHP_EOL;
continue;
}
echo 'echoing contents of file "' . $filename . '":' . PHP_EOL . '---' . PHP_EOL;
echo file_get_contents($filename);
echo '---' . PHP_EOL . PHP_EOL;
}
---
echoing contents of file "foo":
---
I am foo
---
/home/useras the user directories usually have 700 permissions. A better directory is/optwhere the permissions are usually 755 or you can set them that way.