如何检查用户 php 正在以什么身份运行?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7771586/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to check what user php is running as?
提问by Wesley
I need to detect if php is running as nobody. How do I do this?
我需要检测 php 是否以无人身份运行。我该怎么做呢?
Are there any other names for "nobody"? "apache"? Any others?
“没有人”还有其他名字吗?“阿帕奇”?还有其他人吗?
采纳答案by mario
If available you can probe the current user account with posix_geteuidand then get the user name with posix_getpwuid.
如果可用,您可以使用 探测当前用户帐户,posix_geteuid然后使用 获取用户名 posix_getpwuid。
$username = posix_getpwuid(posix_geteuid())['name'];
If you are running in safe mode however (which is often the case when exec is disabled), then it's unlikely that your PHP process is running under anything but the default www-dataor apacheaccount.
但是,如果您在安全模式下运行(当 exec 被禁用时通常是这种情况),那么您的 PHP 进程不太可能在默认www-data或apache帐户之外的任何情况下运行。
回答by AlienWebguy
<?php echo exec('whoami'); ?>
<?php echo exec('whoami'); ?>
回答by Jonathan Kuhn
Kind of backward way, but without exec/system:
一种落后的方式,但没有 exec/system:
file_put_contents("testFile", "test");
$user = fileowner("testFile");
unlink("testFile");
If you create a file, the owner will be the PHP user.
如果您创建一个文件,所有者将是 PHP 用户。
This could also likely be run with any of the temporary file functions such as tempnam(), which creates a random file in the temporary directory and returns the name of that file. If there are issues due to something like the permissions, open_basediror safe mode that prevent writing a file, typically, the temp directory will still be allowed.
这也可能与任何临时文件函数一起运行,例如tempnam()在临时目录中创建一个随机文件并返回该文件的名称。如果由于诸如权限open_basedir或阻止写入文件的安全模式之类的问题而出现问题,通常,临时目录仍将被允许。
回答by Seth
More details would be useful, but assuming it's a linux system, and assuming php is running under apache, it will run as what ever user apache runs as.
更多细节会很有用,但假设它是一个 linux 系统,并假设 php 在 apache 下运行,它将以用户 apache 运行的身份运行。
An easy way to check ( again, assuming some unix like environment ) is to create a php file with:
一种简单的检查方法(再次假设一些类似 unix 的环境)是创建一个 php 文件:
<?php
print shell_exec( 'whoami' );
?>
which will give you the user.
这将为您提供用户。
For my AWS instance, I am getting apacheas output when I run this script.
对于我的 AWS 实例,apache当我运行这个脚本时,我得到了输出。
回答by ricbra
You can try using backticks like this:
您可以尝试使用这样的反引号:
echo `whoami`;
回答by genesis
回答by Lukas Liesis
i would use:
我会用:
lsof -i
lsof -i | less
lsof -i | grep :http
any of these. You can type em in your ssh command line and you will see what user is listening what service.
任何这些。您可以在 ssh 命令行中输入 em ,您将看到哪些用户正在收听哪些服务。
you can also go and check this file:
你也可以去检查这个文件:
more /etc/apache2/envvars
and look for these lines:
并寻找这些行:
export APACHE_RUN_USER=user-name
export APACHE_RUN_GROUP=group-name
to filter out envvars file data, you can use grep:
要过滤掉 envvars 文件数据,您可以使用 grep:
more /etc/apache2/envvars |grep APACHE_RUN_
回答by Gabriel Vilches Alves
Straight from the shell you can run:
您可以直接从 shell 运行:
php -r "echo exec('whoami');"
回答by CRTLBREAK
add the file info.php to the following directory - your default http/apache directory - normally /var/www/html
将文件 info.php 添加到以下目录 - 您的默认 http/apache 目录 - 通常为 /var/www/html
with the following contents
有以下内容
<?php
phpinfo();
?>
Then httpd/apache restart the go to your default html directory http://enter.server.here/info.php
然后 httpd/apache 重启去你默认的 html 目录 http://enter.server.here/info.php
would deliver the whole php pedigree!
将提供整个 php 谱系!
回答by Freeman
You can use these commands :
您可以使用这些命令:
<? system('whoami');?>
or
或者
<? passthru('whoami');?>
or
或者
<? print exec('whoami');?>
or
或者
<? print shell_exec('whoami');?>
or
或者
<? print get_current_user();?>
