Am 30.01.2018 um 16:19 schrieb cpass test:
Thanks for your help.
httpd as the "PrivateTmp=yes".
I did what you suggested, and changed the directory of the temporary folder
of PHP (variable sys_temp_dir) to another directory and it work.
Thanks
thought so
the reason for this settings is that you often find CVE's that random
software creates whatever files in /tmp with bad permissions and so when
your webserver has access to /tmp this becomes problematic
temp/session/upload-files should be as strictly as possible seperated
and also be different per virtual host - 10 years ago somebody who
insulted me used the same webhoster with shared session-dir and had his
database credentials in the PHP session - bad mistake leading to a
"re-design" some drunken night later :-)
2018-01-29 16:55 GMT-05:00 Reindl Harald <h.rei...@thelounge.net>:
Am 29.01.2018 um 20:27 schrieb cpass test:
configured a Moodle LMS to use the ClamAV. They have a plugin in Moodle
for
it. Here are the parameters for connecting to ClamAV:
Unix domain socket: /var/run/clamd.scan/clamd.sock
The clamd server is running and the socket really exist in specified
location.
WARNING: lstat() failed on: /tmp/phpag0dQF
let me guess:
* systemd
* one or both of the invloved services has "PrivateTmp=yes" in it's unit
don't use /tmp or /var/tmp then for files which both should be able to
access
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
