John Davidson

Message:

I have a PHP script that does the following:

$output = exec('sudo nginx -t 2>&1');

echo $output;

As expected, it returns the following due to using a sudo command:

sudo: no tty present and no askpass program specified

However, I am able to run PHP in the terminal php /var/www/html/script.php and it works without being prompted for a sudo password.

Someone has told me that I am running PHP as a root on my system, which is dangerous.

However, all I did was follow this tutorial - is it really that dangerous?

Also, if I use a Cron job to run the PHP script, it runs perfectly

I am using NGINX with Ubuntu 20.04 + PHP 7

---

My Answer:
There are a few possible reasons why you are able to run PHP sudo commands:

1. Your PHP script is being executed by a user who has sudo privileges: If the user running the PHP script has sudo privileges, they will be able to run commands with sudo.

2. The sudoers file is configured to allow the user to run specific commands without a password: It is possible to configure the sudoers file to allow certain users to run specific commands with sudo without entering a password. This could be why your PHP script is able to run sudo commands.

3. The sudoers file is configured to allow the web server user to run specific commands: If your PHP script is being executed by a web server (such as Apache or Nginx), the web server user may have sudo privileges configured in the sudoers file to run specific commands.

It is important to be cautious when allowing PHP scripts to run sudo commands, as it can pose a security risk if not properly configured. Make sure to review your sudoers file and restrict sudo access to only necessary commands and users.