Mário Gamito wrote:
Hi,This is a bit of-topic, but since it has to do with /tmp permissions here it goes. Anyway, I'm sorry in advance for posting this. I have this PHP script (simplificated here), called delete_tmp.php that basically calls external commands: <?php $session_file = '/tmp/sess_89765' system(''rm -f' . ' ' . $session_file); ?> delete_tmp.php file is owned by gamito.users /tmp/sess_89765 file has permissions -rw------ and is owned by gamito.users My /tmp permissions are rwxrwxrwt and is owned by root.root I know that the the sticky bit only allows files to be deleted by their owners, the owner of the directory or by root. Never the less, i can switch to /tmp directory and delete sess_89765 file as user gamito. If I run: $ php delete_tmp.php as root, it deletes sess_89765 file. But if I do the same has user gamito, it doesn't delete the file !!! Ideas ?
PHP, being run from the web interface, is run as whatever ID Apache is run as. Apache is not user gamito. On a file with -rw------ permission users in the group will not be allowed to delete the file. -- Linux Home Automation Neil Cherry [EMAIL PROTECTED] http://www.linuxha.com/ Main site http://linuxha.blogspot.com/ My HA Blog Author of: Linux Smart Homes For Dummies _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
