On Fri, Mar 28, 2008 at 11:24 AM, Mário Gamito <gamito@xxxxxxxxx> wrote:
> Hi,
>
> I have this PHP script (simplificated here), called delete_tmp.php
> that basically calls external commands:
>
> <?php
>
> $session_file = '/tmp/sess_89765'
>
> system(''rm -f' . ' ' . $session_file);
>
> ?>
That's extremely short for a session name. Should it be
/tmp/sess_89765* ? Or is that just an example? Since the ending
semicolon is missing, I'll presume it's just an example. ;-P
Also, here are two different ways of doing that:
<?php
// Method 1
$session_file = '/tmp/sess_89765';
exec('rm '.$session_file.' 2>&1',$ret,$err);
echo isset($err) && $err != 0 ? print_r($ret) : null;
?>
<?php
// Method 2
$session_file = '/tmp/sess_89765';
if(file_exists($session_file) && is_file($session_file) &&
is_writeable($session_file)) {
unlink($session_file);
} else {
echo "No file named ".$session_file."\n";
}
?>
> delete_tmp.php file is owned by gamito.users
>
> /tmp/sess_89765 file has permissions -rw------ and is owned by gamito.users
>
> My /tmp permissions are rwxrwxrwt and is owned by root.root
>
> I know that the the sticky bit only allows files to be deleted by
> their owners, the owner of the directory or by root.
>
> Never the less, i can switch to /tmp directory and delete sess_89765
> file as user gamito.
>
> If I run:
> $ php delete_tmp.php
>
> as root, it deletes sess_89765 file.
>
> But if I do the same has user gamito, it doesn't delete the file !!!
>
> Ideas ?
>
> Any help would be appreciated.
>
> Warm Regards,
> Mário Gamito
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
</Daniel P. Brown>
Forensic Services, Senior Unix Engineer
1+ (570-) 362-0283
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
