File Upload Permissions Issues
mdounin at mdounin.ru
Wed Jun 27 06:02:53 UTC 2018
On Wed, Jun 27, 2018 at 12:56:09AM -0400, VP Lists wrote:
> OK, here’s where things get interesting:
> On MacOS El Capitan: --http-client-body-temp-path=/usr/local/var/run/nginx/client_body_temp
> /usr drwxr-xr-x@ 13 root wheel 442B May 26 2017 usr
> /usr/local drwxr-xr-x 28 rich admin 952B Mar 30 16:12 local
> /usr/local/var drwx------ 36 rich admin 1.2K May 7 21:01 var
Clearly "nobody" has no rights to work with anything in
/usr/local/var. That's what causes the error you've faced. You
have to fix it for things to work.
> On two different boxes, two different OSes, showing variable
> eXecution permissions within the path. Not only that, but in
> both instances, the client_body_temp permissions show “drwx- - -
> - - -“, and for two different owner:group combinations.
> Why would nginx allow this to happen? Is it not thinkable that
> either nginx would state that a clear path to the directory
> responsible for receiving file uploads be permitted? Or maybe
> the maintainers receiving this as a criteria for installation?
> I find this quite odd.
> Running around patching up path permissions to installed
> directories, specific to nginx, is truly strange.
Permissions on FreeBSD are perfectly fine.
Permissions on macOS are broken due to incorrect permissions on
/usr/local/var, and it's clearly not nginx business to do anything
with permissions on the system-wide directory.
If you think packaging system you've used to install things into
/usr/local/ could be better at maintaining correct permissions on
various folders under /usr/local/ - you may want to contact
authors of the packaging system.
More information about the nginx