Re: Deleting file in /tmp directory
- From: gmane@xxxxxxxxxxxxxx (Colin Guthrie)
- Date: Fri, 28 Mar 2008 15:51:37 +0000
Mário Gamito wrote:
Hi,
I have this PHP script (simplificated here), called delete_tmp.php
that basically calls external commands:
<?php
$session_file = '/tmp/sess_89765'
system(''rm -f' . ' ' . $session_file);
?>
delete_tmp.php file is owned by gamito.users
/tmp/sess_89765 file has permissions -rw------ and is owned by gamito.users
My /tmp permissions are rwxrwxrwt and is owned by root.root
I know that the the sticky bit only allows files to be deleted by
their owners, the owner of the directory or by root.
Never the less, i can switch to /tmp directory and delete sess_89765
file as user gamito.
If I run:
$ php delete_tmp.php
as root, it deletes sess_89765 file.
But if I do the same has user gamito, it doesn't delete the file !!!
Ideas ?
Any help would be appreciated.
It is a bit odd as it should delete it fine. Does using the PHP internal
function unlink() work better than shelling out? system() will possibly
have more overheads and it may require that the user has a valid SHELL
etc. too...
Col
.
- References:
- Deleting file in /tmp directory
- From: "Mário Gamito"
- Deleting file in /tmp directory
- Prev by Date: Re: [PHP] munge / obfuscate ?
- Next by Date: Re: [PHP] Deleting file in /tmp directory
- Previous by thread: Deleting file in /tmp directory
- Next by thread: Re: [PHP] Deleting file in /tmp directory
- Index(es):
Relevant Pages
|
