Re: mod_fcgid upload permission changes.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Yes !!! I do!!!

The php-cgi executes a php command who does the following.

- changes EUID for the process to a user who belongs to "itsatadm" group  ( it works fine!)
- reads uploaded file in /tmp/ and stores it to the $HOME of this user.

if mod_fcgid changes umask to 600 instead of 644 I can not read file and stored in the correct path with correct permissions....

Thanks!!!

 


2012/12/11 Eric Covener <covener@xxxxxxxxx>
> I think mod_fcgid is doing UPLOAD (handling file transfer) by itself to /tmp before process
> "/usr/bin/php-cgi " have been spawned, is because of that your suggested  bypass doesn't work.

What error are you seeing exactly?  mod_fcgid creates the temporary file for large bodies, then sends it to the CGI program directly.  You shouldn't be reading that temporary file directly.



--

Att

Toni Moreno

699706656


 

Si no quieres perderte en el olvido tan pronto como estés muerto y corrompido,

escribe cosas dignas de leerse, o haz cosas dignas de escribirse.

 

Benjamin Franklin


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux