Skip to content
Advertisement

PHP cannot execute local programs when accessed through a browser

I am a bit new to PHP and web development in general, and I am trying to execute a program from php. I setup my virtual machine and hosted it properly, but when the website attempts to load the page, it says that the program could not be executed: “permission denied.” I tried everything including:

  1. Adding execute permissions to every file in /var/www/html
  2. setfacl -m u:apache:rwx /var/www/
  3. chown -R apache:apache /var/www/

Further context:

  1. I am on fedora linux

heres index.php:

<html>
<body>                                                                                                                                                                                                                                          <p>
<?php
        exec("whoami && ./program 2>&1", $out);

        foreach ($out as $element) {
                echo $element;
                echo "<br>";
        }
?>
</p>

</body>
</html>

When I run it from a browser, this is the output:
browser output

[fedora@fedora html]$ curl localhost
<html>
<body>

<p>
apache<br>sh: ./program: Permission denied<br></p>

</body>
</html>

Most tips on the internet tell you to make sure user ‘apache’ has permission to execute the file. I have done that and verified by doing the following commands.

[fedora@fedora html]$ sudo -u apache bash
bash-5.0$ ls -la
total 48
drwxrwxrwx. 2 apache apache  4096 Oct 25 11:22 .
drwxrwxrwx+ 4 apache apache  4096 Oct 25 09:51 ..
-rw-rw-rw-. 1 apache apache   158 Oct 25 11:04 index.php
-rwxrwxrwx+ 1 apache apache 20648 Oct 25 10:02 program
-rwxr-xr-x. 1 apache apache    23 Oct 25 10:57 p.sh
bash-5.0$ ./program
test
test
test
test
test
test
test
test
test
bash-5.0$ php index.php
<html>
<body>

<p>
apache<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br>test<br></p>

</body>
</html>
bash-5.0$

I sudoed into the apache user and was able to read every file in the directory and execute them via the shell. After that, I ran php index.php, and it executed the script perfectly with the exepcted output.

I am at a complete loss for why it can’t execute this script in the browser, any help would be much appreciated!

Edit: I checked my php.ini file and there are no disabled functions

...
disable_functions =
...

Advertisement

Answer

I checked my SELinux configuration and the scripts were not set to the correct permissions. They were set to httpd_sys_content_t when they needed to be httpd_sys_script_exec_t.

the simple fix was:

chcon -R -t httpd_sys_script_exec_t program
User contributions licensed under: CC BY-SA
1 People found this is helpful
Advertisement