# apache's http user rights

## Hexorg

good daytime to you! I wrote a little program to control my LPT port, and I want to be able to allow php scripts to start it. the program requires root privileges. for LPT access. I was wondering if there is a secure way of allowing php run that program? Maybe an apachesu?

----------

## msalerno

I would rethink your strategy first, but there is always suexec.

How about have you page write a temp config file via php and then have a cron job scan that dir every x minutes, run a sanity/security check on the file and then load it.

----------

## Mad Merlin

Your LPT port is just a device in /dev, thus you can assign the group of the device to be apache, or another group that the apache user is in, and give the group read/write access, thus it'll have access to that device without you having to give apache any other rights.

----------

## PaulBain

I'm not saying this is a good idea, but a quick solution would be to install sudo and allow the apache user to execute a single script as root without password. 

You can then just shell_exec("/my/script/as/root.sh");

----------

## chias

couldn't you just use setuid? like assuming your binary is chowned to root, chmod it to 6755 or something. Then anyone can run it and it'll run as root

----------

