Re: Apache is unable to access /tmp in any way

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



That's for serving temporary files, of course.


I am developing a file-sharing web application, but it hasn't finished yet. Before finishing it if I upload something to or download something from the server those files are stored in /tmp. In most cases they are just temporary files and should be removed after use. I have used this for some time, until a recent system upgrade which changed apache's behavior and disallowed me accessing /tmp.


Thanks for explaining the reason! I'm just astonished to know that apache could make such big changes today.


On 2/15/23 22:33, Antony Stone wrote:
On Wednesday 15 February 2023 at 15:21:58, accelerator0099 wrote:

Apache is unable to access /tmp in any way.
I always get 403 Forbidden for that.
Why is /tmp different from others?
My guess (and it is one) is that since /tmp can be written to by any user,
this is a security feature which stops someone running Apache in such a way
that an attacker could get some process to write either a file or a symlink
into /tmp and then be able to retrieve the content remotely over HTTP.

However, given that many systems routinely delete the contents of /tmp on
startup and/or shutdown, why would you ever want to point Apache at files which
exist there?

What is the use case for having servable content under /tmp?


Antony.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux