Results 1 to 15 of 15

Thread: /tmp problem

  1. #1

    Arrow /tmp problem

    Whenever I try to install scripts that put something in the /tmp directory, and then try to edit it, can't. I wanted to know what I should change to try and fix this, is it a permissions problem? Any help would be appreciated.

  2. #2
    Join Date
    Aug 2002
    Location
    UK
    Posts
    852
    1. PHP / CGI
    2. File permissions, owner and group etc

    please?

  3. #3
    If you could explain yourself a little more..I might be able to answer your question/remark/???

  4. #4
    Join Date
    Jan 2003
    Posts
    1,715
    I think that's what he's saying to you, as well.

    What are you installing? How is it being installed (PHP, CGI, shell)? Why do the /tmp files need to be edited?
    Game Servers are the next hot market!
    Slim margins, heavy support, fickle customers, and moronic suppliers!
    Start your own today!

  5. #5
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    i once had this problem with invision board. i had to allow writing to the tmp directory
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  6. #6
    It's a PHP script. Edge Panel, to be exact. But I also get this problem with phpBB.

    Here's the error I get:

    http://www.exinant.com/desk/newticket.php

  7. #7
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    chmod 666 /tmp

    do that @ ssh
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  8. #8
    I had to chmod it to 773 for it to work..how much of a security risk is this?

  9. #9
    Join Date
    Aug 2002
    Location
    UK
    Posts
    852
    ^^^ People can write to and execute stuff in your temp directory.

  10. #10
    Join Date
    Dec 2001
    Location
    Netherlands
    Posts
    849
    you need to chmod tmp

    chmod 777 /tmp
    chmod +t /tmp

    for a normal system

    You control the access permissions via /etc/fstab.

    .
    # experienced Cloud/OpenStack Architect
    #
    # Feel free to PM me for any info or help to build your cloud.

  11. #11
    Join Date
    Aug 2002
    Location
    UK
    Posts
    852
    why do you need +x on /tmp though? 777 is fine IF you put 'nosuid noexec' at least in the mount parameters.

  12. #12
    Greetings Winkie:

    It is +t, not +x.

    +t for temporary bit.

    The same should work if you did chmod 1777 /tmp.

    Thank you.
    ---
    Peter M. Abraham
    LinkedIn Profile

  13. #13
    Join Date
    Aug 2002
    Location
    UK
    Posts
    852
    ^^^ I know what +t is

    +x is the 1 in 777

  14. #14
    Join Date
    Jan 2003
    Posts
    1,715
    x on directories means 'explorable' and removing it will produce some funky effects. Most notably, you can read the file list, so something like 'echo /tmp/*' works, but you can't read, stat(), ls, or otherwise access any of the files.

    Similarly, wx (no r) will let you access, remove, and create files inside the directory, but you can't get a directory listing, so you had better know the file names already.
    Game Servers are the next hot market!
    Slim margins, heavy support, fickle customers, and moronic suppliers!
    Start your own today!

  15. #15
    Join Date
    Dec 2001
    Location
    Netherlands
    Posts
    849
    A sticky bit is one of the permissions that can be set on a directory. Most people are familiar with read and write permissions already.

    drwxrwxrwx <-- A directory that any user can list, create/delete files in, or access.

    When the sticky bit is set on a directory, it means that anyone can create files in the directory but users can only delete files they own.

    drwxrwxrwt <-- Here the sticky bit is set.

    The temp directory i.e public directories MUST have this bit set to on. To set the sticky bit on a directory called /tmp

    you can do either:

    chmod 1777 /tmp

    or,
    chmod 777 /tmp
    chmod +t /tmp


    similar for /var/tmp also.


    .
    # experienced Cloud/OpenStack Architect
    #
    # Feel free to PM me for any info or help to build your cloud.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •