killing a process from the WEB

fandelem

I'm trying to kill a process via the WEB.

The constraints:

1) the user in which PHP runs under cannot be changed (i am but only a user)

I'm wondering how I can go about killing a process from a different user than that which the PHP id runs under.. is this somehow possible from the web (I'm trying to avoid people learning SSH/command prompt instead of cliking on a hyperlink that does it all for them)??

cheers,

yelvington

This is how Unix systems work.

Quoting from the manual page for the kill() system call, "For a process to have permission to send a signal to process pid it must either have root privileges, or the real or effective user ID of the sending pro_cess must equal the real or saved set-user-ID of the receiving process."

In other words, you can kill your own processes, but nobody else's processes, unless you are root.

So the Web server, which ordinarily will run under its own user ID, cannot kill other users' processes.

fandelem

as a workaround, i have simply made it so the process starts from the web interface, thus allowing the web interface to kill it.

of course this lends itself to being able to be killed by anyone smart enough to do ps -U apache and running a CGI script to kill it... but what are the odds of that?:>