That's for serving temporary files, of course.
I am developing a file-sharing web application, but it hasn't finished
yet. Before finishing it if I upload something to or download something
from the server those files are stored in /tmp. In most cases they are
just temporary files and should be removed after use. I have used this
for some time, until a recent system upgrade which changed apache's
behavior and disallowed me accessing /tmp.
Thanks for explaining the reason! I'm just astonished to know that
apache could make such big changes today.
On 2/15/23 22:33, Antony Stone wrote:
On Wednesday 15 February 2023 at 15:21:58, accelerator0099 wrote:
Apache is unable to access /tmp in any way.
I always get 403 Forbidden for that.
Why is /tmp different from others?
My guess (and it is one) is that since /tmp can be written to by any user,
this is a security feature which stops someone running Apache in such a way
that an attacker could get some process to write either a file or a symlink
into /tmp and then be able to retrieve the content remotely over HTTP.
However, given that many systems routinely delete the contents of /tmp on
startup and/or shutdown, why would you ever want to point Apache at files which
exist there?
What is the use case for having servable content under /tmp?
Antony.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
