That's for serving temporary files, of course.
I am developing a file-sharing web application, but it hasn't finished
yet. Before finishing it if I upload something to or download something
from the server those files are stored in /tmp. In most cases they are
just temporary files and should be removed after use. I have used this
for some time, until a recent system upgrade which changed apache's
behavior and disallowed me accessing /tmp.
Thanks for explaining the reason! I'm just astonished to know that
apache could make such big changes today.
On 2/15/23 22:33, Antony Stone wrote:
> On Wednesday 15 February 2023 at 15:21:58, accelerator0099 wrote:
>
>> Apache is unable to access /tmp in any way.
>> I always get 403 Forbidden for that.
>> Why is /tmp different from others?
> My guess (and it is one) is that since /tmp can be written to by any user,
> this is a security feature which stops someone running Apache in such a way
> that an attacker could get some process to write either a file or a symlink
> into /tmp and then be able to retrieve the content remotely over HTTP.
>
> However, given that many systems routinely delete the contents of /tmp on
> startup and/or shutdown, why would you ever want to point Apache at files which
> exist there?
>
> What is the use case for having servable content under /tmp?
>
>
> Antony.
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|