- Posts: 2
- Thank you received: 0
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
Files of type ".bin" in tmp/runtime/cache-folder, file permissions
- ATSWebmaster
- Topic Author
- Offline
- New Member
Less
More
6 years 1 month ago #165550
by ATSWebmaster
Files of type ".bin" in tmp/runtime/cache-folder, file permissions was created by ATSWebmaster
Hello,
Not sure if this is technically a "design issue" but I have question about the cache-folder files with type .bin e.g "limesurvey/tmp/runtime/cache/0b354aa9282277cdf15f32fd9d472d54.bin"
A security plugin of Joomla-installation is complaining about the file permission of these files as they have permission of 666, and not what the plugin considers secure, which is 644.
What are these files in the first place and is the permission of 666 actually needed for them? And is there any config-option to control this?
Not sure if this is technically a "design issue" but I have question about the cache-folder files with type .bin e.g "limesurvey/tmp/runtime/cache/0b354aa9282277cdf15f32fd9d472d54.bin"
A security plugin of Joomla-installation is complaining about the file permission of these files as they have permission of 666, and not what the plugin considers secure, which is 644.
What are these files in the first place and is the permission of 666 actually needed for them? And is there any config-option to control this?
The topic has been locked.
- LouisGac
- Visitor
6 years 1 month ago #165565
by LouisGac
Replied by LouisGac on topic Files of type ".bin" in tmp/runtime/cache-folder, file permissions
this file is the CStatePersister. It's managed by the yii framework itself.
www.yiiframework.com/doc/api/1.1/CStatePersister
www.yiiframework.com/doc/api/1.1/CStatePersister
The topic has been locked.
- ATSWebmaster
- Topic Author
- Offline
- New Member
Less
More
- Posts: 2
- Thank you received: 0
6 years 4 weeks ago #165597
by ATSWebmaster
Replied by ATSWebmaster on topic Files of type ".bin" in tmp/runtime/cache-folder, file permissions
I see, thank you very much for the information! It seems the permissions could be changed by modifying file CFileCache.php but do you have any idea, if it is needed for everyone to have read/write permission to the cache files, and do these pose any threat to the site? I did a bit of research and it seems the original file of yii framework has set the permissions to default of the current environment.
File CFileCache.php of Limesurvey:
/**
* @var integer the permission to be set for new cache files.
* This value will be used by PHP chmod function.
* Defaults to 0666, meaning the file is read-writable by all users.
* @since 1.1.16
*/
public $cacheFileMode=0666;
From file FileCache.php of the yii framework ( github.com/yiisoft/yii2/blob/master/fram...aching/FileCache.php ):
/**
* @var int the permission to be set for newly created cache files.
* This value will be used by PHP chmod() function. No umask will be applied.
* If not set, the permission will be determined by the current environment.
*/
public $fileMode;
File CFileCache.php of Limesurvey:
/**
* @var integer the permission to be set for new cache files.
* This value will be used by PHP chmod function.
* Defaults to 0666, meaning the file is read-writable by all users.
* @since 1.1.16
*/
public $cacheFileMode=0666;
From file FileCache.php of the yii framework ( github.com/yiisoft/yii2/blob/master/fram...aching/FileCache.php ):
/**
* @var int the permission to be set for newly created cache files.
* This value will be used by PHP chmod() function. No umask will be applied.
* If not set, the permission will be determined by the current environment.
*/
public $fileMode;
The topic has been locked.
- LouisGac
- Visitor
6 years 4 weeks ago #165609
by LouisGac
Replied by LouisGac on topic Files of type ".bin" in tmp/runtime/cache-folder, file permissions
The topic has been locked.