On Tuesday 20 March 2007 13:12, Kyle Sexton wrote:
Have you looked at apache suEXEC support? More info at:
suEXEC has the same problems as suid. In particular, all the code runs with elevated privileges, not just the few bits that need it.
Not sure if this is what you want, but using /etc/sudoers strikes me as odd. :)
sudo is (AFAIK) the only way to allow only a single command.
I wrote a sudo PHP library myself that uses HTTP authentication to execute specific commands, that I intend to develop into a nice general web interface someday.
Note that changing ownership/permissions on ttyS0 itself will allow Apache to do anything it wants with it. This is unsuitable if you only want to allow a single operation (eg, if it's a serial console).