[Owasp-modsecurity-core-rule-set] Input filter: failed to create temporary file

Matthew Saltzman mjs at clemson.edu
Thu Jan 14 12:36:38 EST 2010


On Mon, 2010-01-11 at 22:04 -0500, Matthew Saltzman wrote: 
> On Mon, 2010-01-11 at 12:46 -0800, Brian Rectanus wrote: 
> > 
> > I don't think temp files will create the directory structure (working
> > from memory here).  Verify that it does not happen after creating
> > /tmp/httpd with mode 1777.  I would not create it there, though.  Better
> > in something like /var/httpd/modsec/tmp and used only for modsec.
> 
> Interesting:
> 
>       * Making /tmp/httpd, mode 1777, owner apache:apache solves the
>         problem.
> 
> This seems like a bug--you can't count on the directory to exist
> (particularly if it lives in /tmp), so you have to check and either not
> use it or create it.
> 
>       * Changing /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf
>         to point to a different directory for SecUploadDir, SecDataDir,
>         and SecTmpDir and either reloading or restarting httpd doesn't
>         change where the file is created--it's still in /tmp. 
>       * Moving the directives to modsecurity_localrules.conf has the
>         same lack of effect on the location where the file is written.
> 
> So either I'm doing something wrong here, or my directives are being
> ignored for some reason.  More hints welcome.
> 
> Thanks for your help so far.

Any suggestions how I should follow this up?  Can anyone confirm that
it's a bug or explain how to work around it?  Or should I be taking it
to a different list?

Thanks.
-- 
                Matthew Saltzman

Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs


More information about the Owasp-modsecurity-core-rule-set mailing list