posix_setuid
(PHP 4, PHP 5, PHP 7, PHP 8)
posix_setuid — Set the UID of the current process
Description
posix_setuid(int $user_id): bool
Set the real user ID of the current process. This is a privileged function that needs appropriate privileges (usually root) on the system to be able to perform this function.
Parameters
- user_id: The user id.
Return Values
Returns true on success or false on failure.
Examples
Example #1 posix_setuid() example
This example will show the current user id and then set it to a different value.
<?php
echo posix_getuid()."\n"; //10001
echo posix_geteuid()."\n"; //10001
posix_setuid(10000);
echo posix_getuid()."\n"; //10000
echo posix_geteuid()."\n"; //10000
?>
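The manual example above does not check the return value. As an added example (not part of the PHP manual), the script below drops from root to an unprivileged account, checks every call, and confirms that root cannot be regained. The account name `nobody` and the log path are assumptions.

```php
<?php
// Added example, not from the PHP manual. Run from the CLI as root.
function drop_privileges(string $user): void
{
    $pw = posix_getpwnam($user);
    if ($pw === false) {
        throw new RuntimeException("unknown user: $user");
    }
    // Groups first: once the UID is no longer 0, the process has lost the
    // privilege needed to change its supplementary groups and GID.
    if (!posix_initgroups($pw['name'], $pw['gid'])) {
        throw new RuntimeException('initgroups: ' . posix_strerror(posix_get_last_error()));
    }
    if (!posix_setgid($pw['gid'])) {
        throw new RuntimeException('setgid: ' . posix_strerror(posix_get_last_error()));
    }
    if (!posix_setuid($pw['uid'])) {
        throw new RuntimeException('setuid: ' . posix_strerror(posix_get_last_error()));
    }
    // Verify the result instead of assuming it.
    if (posix_getuid() !== $pw['uid'] || posix_geteuid() !== $pw['uid']
        || posix_getgid() !== $pw['gid'] || posix_getegid() !== $pw['gid']) {
        throw new RuntimeException('process IDs do not match the target account');
    }
    // After a permanent drop, switching back to root must fail.
    if ($pw['uid'] !== 0 && posix_setuid(0)) {
        throw new RuntimeException('root can still be regained');
    }
}

if (posix_geteuid() !== 0) {
    fwrite(STDERR, "start this script as root\n");
    exit(1);
}
// Open root-only resources before the drop; the handle stays usable afterwards.
$log = fopen('/var/log/example-drop.log', 'a'); // constructed path (assumption)
if ($log === false) {
    exit(1);
}
drop_privileges('nobody'); // assumed account name
fwrite($log, 'running as uid ' . posix_getuid() . "\n");
fclose($log);
?>
```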
See Also
- posix_setgid() - Set the GID of the current process
- posix_seteuid() - Set the effective UID of the current process
- posix_getuid() - Return the real user ID of the current process
- posix_geteuid() - Return the effective user ID of the current process
User Contributed Notes 7 notes
Leigh
8 years ago
Note that on unix, if your target user does not have a valid shell, some php functions (eg: tempnam) will not work correctly:
$ grep www-data /etc/passwd
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
$ cat test.php
#!/usr/bin/php -q
<?php
$info=posix_getpwnam("www-data");
$id=$info["uid"];
$file=tempnam("/tmp","something");
print "PRE SetUID: $file\n";
$SETUID=posix_setuid($id);
$file=tempnam("/tmp","something");
print "POST SetUID: $file\n";
?>
$ sudo ./test.php
PRE SetUID: /tmp/somethingrsb1qZ
POST SetUID:
TheWanderer
15 years ago
On many UNIX systems (tested on Debian GNU/Linux), SUID is disabled for scripts and works only for binaries. If you need to setuid, you must use a wrapper binary that runs the setuid() PHP script. Here's an example:
$ nano suexec.cpp
#include <cstdlib>
using namespace std;
int main()
{
    // Run the PHP script through the shell
    system("php /home/php/php_user.php");
    return 0;
}
$ g++ -o suexec suexec.cpp
$ sudo chown root:root suexec
$ sudo chmod 4755 suexec
Then we create a short PHP script to set the process uid (you should already know how to do this). Don't even try to experiment with auto_prepend_file in php.ini, it doesn't work as expected.
reuben @ nospam me
15 years ago
In response to a note above that advocated the use of system() in a setuid program written in C, this is generally a bad idea for security.
You should use the standard library calls like execl() instead because system() can be manipulated to execute the wrong thing using the SHELL, IFS and possibly other variables.
fm at farhad.ca
14 years ago
When you do a posix_setuid from root to some other user, you will not have access to files owned by root according to their permissions. For instance, if you change the owner of the process and still need to open a file for read or write with 600 permission owned by root, you will receive a permission denied.
There are some ways to do this (i.e. a unix socket or tcp daemon etc), but probably the easiest way is:
Open the file before changing ownership of the process, save the file pointer in a global variable and use it after changing ownership.
For example, assume /root/test_file is a file owned by root:root and has a permission of 600 and you are running this script under root. This code will not work:
<?php
// Change ownership of process to nobody
posix_setgid(99);
posix_setuid(99);
$fd = fopen('/root/test_file','a');
fwrite($fd,"some test strings");
fclose($fd);
?>
But this one will work:
<?php
$fd = fopen('/root/test_file','a');
// Change ownership of process to nobody
posix_setgid(99);
posix_setuid(99);
fwrite($fd,"some test strings");
fclose($fd);
?>
Hope this helps someone.
[Tested on CentOS 5 - Linux 2.6.x - PHP 5.2.x]
hpaul/at/abo/dot/fi
15 years ago
It seems like this function returns true if you try to change uid to the already active user - even if you aren't root.
Should save you one if-statement in some cases.
simon at dont-spam-me-pleease dot simonster dot com
19 years ago
Here's some Perl code to run a PHP script setuid. Just put it into a CGI, make that CGI setuid and executable, then call the CGI where you would usually call the PHP script.
#!/usr/local/bin/perl
# Perl wrapper to execute a PHP script setuid