Results 1 to 15 of 15
Thread: /tmp problem
-
12-29-2003, 06:12 PM #1Junior Guru Wannabe
- Join Date
- Nov 2003
- Posts
- 70
/tmp problem
Whenever I try to install scripts that put something in the /tmp directory, and then try to edit it, can't. I wanted to know what I should change to try and fix this, is it a permissions problem? Any help would be appreciated.
AIM: Exinant
http://www.exinant.com
-
12-29-2003, 06:32 PM #2Web Hosting Master
- Join Date
- Aug 2002
- Location
- UK
- Posts
- 852
1. PHP / CGI
2. File permissions, owner and group etc
please?
-
12-29-2003, 06:49 PM #3Junior Guru Wannabe
- Join Date
- Nov 2003
- Posts
- 70
If you could explain yourself a little more..I might be able to answer your question/remark/???
AIM: Exinant
http://www.exinant.com
-
12-29-2003, 06:57 PM #4Web Hosting Master
- Join Date
- Jan 2003
- Posts
- 1,715
I think that's what he's saying to you, as well.
What are you installing? How is it being installed (PHP, CGI, shell)? Why do the /tmp files need to be edited?Game Servers are the next hot market!
Slim margins, heavy support, fickle customers, and moronic suppliers!
Start your own today!
-
12-29-2003, 07:04 PM #5Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
i once had this problem with invision board. i had to allow writing to the tmp directory
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
12-29-2003, 07:23 PM #6Junior Guru Wannabe
- Join Date
- Nov 2003
- Posts
- 70
It's a PHP script. Edge Panel, to be exact. But I also get this problem with phpBB.
Here's the error I get:
http://www.exinant.com/desk/newticket.phpAIM: Exinant
http://www.exinant.com
-
12-29-2003, 07:31 PM #7Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
chmod 666 /tmp
do that @ sshSteven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
12-29-2003, 07:52 PM #8Junior Guru Wannabe
- Join Date
- Nov 2003
- Posts
- 70
I had to chmod it to 773 for it to work..how much of a security risk is this?
AIM: Exinant
http://www.exinant.com
-
12-30-2003, 08:35 AM #9Web Hosting Master
- Join Date
- Aug 2002
- Location
- UK
- Posts
- 852
^^^ People can write to and execute stuff in your temp directory.
-
12-30-2003, 08:46 AM #10Web Hosting Master
- Join Date
- Dec 2001
- Location
- Netherlands
- Posts
- 849
you need to chmod tmp
chmod 777 /tmp
chmod +t /tmp
for a normal system
You control the access permissions via /etc/fstab.
.
# experienced Cloud/OpenStack Architect
#
# Feel free to PM me for any info or help to build your cloud.
-
12-30-2003, 08:54 AM #11Web Hosting Master
- Join Date
- Aug 2002
- Location
- UK
- Posts
- 852
why do you need +x on /tmp though? 777 is fine IF you put 'nosuid noexec' at least in the mount parameters.
-
12-30-2003, 11:42 AM #12Web Hosting Master
- Join Date
- Dec 2001
- Posts
- 5,221
Greetings Winkie:
It is +t, not +x.
+t for temporary bit.
The same should work if you did chmod 1777 /tmp.
Thank you.
-
12-30-2003, 12:15 PM #13Web Hosting Master
- Join Date
- Aug 2002
- Location
- UK
- Posts
- 852
^^^ I know what +t is
+x is the 1 in 777
-
12-31-2003, 03:54 AM #14Web Hosting Master
- Join Date
- Jan 2003
- Posts
- 1,715
x on directories means 'explorable' and removing it will produce some funky effects. Most notably, you can read the file list, so something like 'echo /tmp/*' works, but you can't read, stat(), ls, or otherwise access any of the files.
Similarly, wx (no r) will let you access, remove, and create files inside the directory, but you can't get a directory listing, so you had better know the file names already.Game Servers are the next hot market!
Slim margins, heavy support, fickle customers, and moronic suppliers!
Start your own today!
-
12-31-2003, 06:36 AM #15Web Hosting Master
- Join Date
- Dec 2001
- Location
- Netherlands
- Posts
- 849
A sticky bit is one of the permissions that can be set on a directory. Most people are familiar with read and write permissions already.
drwxrwxrwx <-- A directory that any user can list, create/delete files in, or access.
When the sticky bit is set on a directory, it means that anyone can create files in the directory but users can only delete files they own.
drwxrwxrwt <-- Here the sticky bit is set.
The temp directory i.e public directories MUST have this bit set to on. To set the sticky bit on a directory called /tmp
you can do either:
chmod 1777 /tmp
or,
chmod 777 /tmp
chmod +t /tmp
similar for /var/tmp also.
.
# experienced Cloud/OpenStack Architect
#
# Feel free to PM me for any info or help to build your cloud.