[Owasp-modsecurity-core-rule-set] Input filter: failed to create temporary file
Brian Rectanus
Brian.Rectanus at breach.com
Thu Jan 14 16:22:56 EST 2010
Matthew Saltzman wrote:
> On Mon, 2010-01-11 at 22:04 -0500, Matthew Saltzman wrote:
>> On Mon, 2010-01-11 at 12:46 -0800, Brian Rectanus wrote:
>>> I don't think temp files will create the directory structure (working
>>> from memory here). Verify that it does not happen after creating
>>> /tmp/httpd with mode 1777. I would not create it there, though. Better
>>> in something like /var/httpd/modsec/tmp and used only for modsec.
>> Interesting:
>>
>> * Making /tmp/httpd, mode 1777, owner apache:apache solves the
>> problem.
>>
>> This seems like a bug--you can't count on the directory to exist
>> (particularly if it lives in /tmp), so you have to check and either not
>> use it or create it.
>>
>> * Changing /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf
>> to point to a different directory for SecUploadDir, SecDataDir,
>> and SecTmpDir and either reloading or restarting httpd doesn't
>> change where the file is created--it's still in /tmp.
>> * Moving the directives to modsecurity_localrules.conf has the
>> same lack of effect on the location where the file is written.
>>
>> So either I'm doing something wrong here, or my directives are being
>> ignored for some reason. More hints welcome.
>>
>> Thanks for your help so far.
>
> Any suggestions how I should follow this up? Can anyone confirm that
> it's a bug or explain how to work around it? Or should I be taking it
> to a different list?
>
> Thanks.
If the directives are not changing it, then maybe they are set later on
in the config somewhere (ie overwriting your change)? I suggest you
grep for where SecTmpDir may be set in another location.
-B
--
Brian Rectanus
Breach Security
More information about the Owasp-modsecurity-core-rule-set
mailing list