Question regardin deleting a file in /tmp directory

Hi,

I have this PHP script (simplificated here), called delete_tmp.php
that basically calls external commands:


$session_file =3D '/tmp/sess_89765'

system(''rm -f' . ' ' . $session_file);

?>

delete_tmp.php file is owned by gamito.users

/tmp/sess_89765 file has permissions -rw------ and is owned by gamito.u=
sers

My /tmp permissions are rwxrwxrwt and is owned by root.root

I know that the the sticky bit only allows files to be deleted by
their owners, the owner of the directory or by root.

Never the less, i can switch to /tmp directory and delete sess_89765
file as user gamito.

If I run:
$ php delete_tmp.php

as root, it deletes sess_89765 file.

But if I do the same has user gamito, it doesn't delete the file !!!

Ideas ?

Any help would be appreciated.

Warm Regards,
M=E1rio Gamito
--
To unsubscribe from this list: send the line "unsubscribe linux-admin" =
in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html

Re: Question regardin deleting a file in /tmp directory

Words by M=E1rio Gamito [Fri, Mar 28, 2008 at 03:23:37PM +0000]:
> Hi,
>=20
> I have this PHP script (simplificated here), called delete_tmp.php
> that basically calls external commands:
>=20
> >=20
> $session_file =3D '/tmp/sess_89765'
>=20
> system(''rm -f' . ' ' . $session_file);
>=20
> ?>
>=20
> delete_tmp.php file is owned by gamito.users
>=20
> /tmp/sess_89765 file has permissions -rw------ and is owned by gamito=
users
>=20
> My /tmp permissions are rwxrwxrwt and is owned by root.root
>=20
> I know that the the sticky bit only allows files to be deleted by
> their owners, the owner of the directory or by root.
>=20
> Never the less, i can switch to /tmp directory and delete sess_89765
> file as user gamito.
>=20
> If I run:
> $ php delete_tmp.php
>=20
> as root, it deletes sess_89765 file.
>=20
> But if I do the same has user gamito, it doesn't delete the file !!!
>=20
> Ideas ?
>=20

Yes, remove the -f.

--=20
Jose Celestino
------------------------------------------------------------ ----
http://www.msversus.org/ ; http://techp.org/petition/show/1
http://www.vinc17.org/noswpat.en.html
------------------------------------------------------------ ----
"If you would have your slaves remain docile, teach them hymns."
-- Ed Weathers ("The Empty Box")
--
To unsubscribe from this list: send the line "unsubscribe linux-admin" =
in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html

Re: Question regardin deleting a file in /tmp directory

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig85E76FF206740AC1208CEC69
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable

Hi,

M=E1rio Gamito wrote:
> If I run:
> $ php delete_tmp.php

Is this the CGI or CLI version of php that you are running (php=20
--version)? (You can create a standalone version of both, I know, I=20
have the empty follicles to prove it). The CGI version has extra=20
restrictions that may cause weirdness. As a test I would try doing an=20
ls of the file before the rm and see what the output of that is.

Cheers

Adam

> as root, it deletes sess_89765 file.
>=20
> But if I do the same has user gamito, it doesn't delete the file !!!
>=20
> Ideas ?
>=20
> Any help would be appreciated.
>=20
> Warm Regards,
> M=E1rio Gamito
> --
> To unsubscribe from this list: send the line "unsubscribe linux-admin" =
in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html



--------------enig85E76FF206740AC1208CEC69
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFH7Sp5fNJVASeK9ugRAhKOAJ4rxPvtqA3I2N2mSXiBkPDEpH5KyQCf c+dz
OVPFgcfhkoPsTbsq1Y5bp9s=
=b5Ib
-----END PGP SIGNATURE-----

--------------enig85E76FF206740AC1208CEC69--
--
To unsubscribe from this list: send the line "unsubscribe linux-admin" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html