[CentOS] Apache Changing IPtables C 5.6 via Apache

John Doe jdmls at yahoo.com
Mon Aug 22 09:53:24 UTC 2011


From: Always Learning <centos at u61.u22.net>

> Executing 'whoami' confirms Apache is the user. Giving Apache group rw
> on the /etc/sysconfig/iptables and ensuring the /sbin/iptables is
> executable by all, fails to resolve the problem.
> Is there any method of running iptables from an Apache originated
> process ?

I would be wary of letting the apache user control iptables...
Better have another independent script to read the list of IPs file, filter it, and then call iptables.

JD



More information about the CentOS mailing list