On Fri, Mar 28, 2008 at 11:24 AM, Mário Gamito <gamito@xxxxxxxxx> wrote: > Hi, > > I have this PHP script (simplificated here), called delete_tmp.php > that basically calls external commands: > > <?php > > $session_file = '/tmp/sess_89765' > > system(''rm -f' . ' ' . $session_file); > > ?> That's extremely short for a session name. Should it be /tmp/sess_89765* ? Or is that just an example? Since the ending semicolon is missing, I'll presume it's just an example. ;-P Also, here are two different ways of doing that: <?php // Method 1 $session_file = '/tmp/sess_89765'; exec('rm '.$session_file.' 2>&1',$ret,$err); echo isset($err) && $err != 0 ? print_r($ret) : null; ?> <?php // Method 2 $session_file = '/tmp/sess_89765'; if(file_exists($session_file) && is_file($session_file) && is_writeable($session_file)) { unlink($session_file); } else { echo "No file named ".$session_file."\n"; } ?> > delete_tmp.php file is owned by gamito.users > > /tmp/sess_89765 file has permissions -rw------ and is owned by gamito.users > > My /tmp permissions are rwxrwxrwt and is owned by root.root > > I know that the the sticky bit only allows files to be deleted by > their owners, the owner of the directory or by root. > > Never the less, i can switch to /tmp directory and delete sess_89765 > file as user gamito. > > If I run: > $ php delete_tmp.php > > as root, it deletes sess_89765 file. > > But if I do the same has user gamito, it doesn't delete the file !!! > > Ideas ? > > Any help would be appreciated. > > Warm Regards, > Mário Gamito > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- </Daniel P. Brown> Forensic Services, Senior Unix Engineer 1+ (570-) 362-0283 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php