I am trying to figure out if this is a terrible security risk.
I need to have PHP restart apache in order to effect changes made to httpd.conf.
I have managed to do this by installing SUDO and then adding
www-data ALL=(ALL) NOPASSWD: /usr/sbin/apachectl
I then add this to the PHP page:
passthru("sudo apachectl graceful", $output_var);
Is this a massive risk if I have the page that execute it is passworded?