Mod_Security thinks user/tmp is main /tmp and blocking ?

jeroman8

Well-Known Member
Mar 14, 2003
410
0
166
Hello!

Mod_security is reading commands wrong or something is really messed
up with apache/php cause it's the wrong /tmp path used.

Domain/Account BBBB.com is trying to create a session file but is blocked
by mod_secuity cause it say BBBB.com is trying to create the file in
AAA accounts /tmp folder!

[Mon Aug 25 23:12:26 2008] [error] [client xxx]
mod_security: Access denied with code 406. read_post_payload:
Failed to create file "/home/AAA/tmp/xxxxrequest_body-PQp5Xo"
because 13("Permission denied") [hostname "BBBBB.com"] [uri "/admin/categories.php?action=insert_category&cPath=154"]

BBBB has it's own /tmp and home folder and is not realted to AAA at all.
But it's not only BBBB being blocked due to this, it a lot of accounts.

I restarted mysql and apache and it helped.


What happened ?
Something with mod_Sec mysql maybe ?
Why did mod_sec think they all wanted to use AAA /tmp folder ?
or did they really trying that .....

(edit) NOTE: /tmp path in php is set to /tmp all the time
 

smisha

Registered
Mar 6, 2007
1
0
151
For me the issue is fixed by uncommenting 'session.save_path = /tmp' in php.ini :)