4

So I've got a PHP script thats capable of executing Python commands (to control GPIO), thanks to the users of StackExchange. My previous question here.

Now I'm able to control the GPIO pins from a script hosted in Apache2 of the Pi. This was done by adding the user www-data to the sudoers file. I'm planning to PORT-FORWARD my router so that I can control my Pi through the internet.

Although I hear everywhere that this approach is not recommended, I am unclear about the possible security issues in doing the same.

asked May 26, 2013 at 7:45

1 Answer 1

7

Cross site-scripting could allow someone to become root by tricking your server into running a command possibly destroying your Pi. Instead you should make a group with

 addgroup gpio

then give access to GPIO pins

 chown -R root:gpio /sys/class/gpio

then add www-data to gpio group

 adduser www-data gpio

Finally, remove www-data from sudoers!

answered May 26, 2013 at 9:38

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.