File Upload Permissions Issues

Maxim Dounin mdounin at mdounin.ru
Wed Jun 27 06:02:53 UTC 2018


Hello!

On Wed, Jun 27, 2018 at 12:56:09AM -0400, VP Lists wrote:

[...]

> OK, here’s where things get interesting:
> 
> On MacOS El Capitan:  --http-client-body-temp-path=/usr/local/var/run/nginx/client_body_temp
> /usr						drwxr-xr-x@   13 root  wheel   442B May 26  2017 usr	
> /usr/local					drwxr-xr-x    28 rich  admin   952B Mar 30 16:12 local
> /usr/local/var					drwx------    36 rich  admin   1.2K May  7 21:01 var

Clearly "nobody" has no rights to work with anything in 
/usr/local/var.  That's what causes the error you've faced.  You 
have to fix it for things to work.

[...]

> On two different boxes, two different OSes, showing variable 
> eXecution permissions within the path.  Not only that, but in 
> both instances, the client_body_temp permissions show “drwx- - - 
> - - -“, and for two different owner:group combinations.  
> 
> Why would nginx allow this to happen?  Is it not thinkable that 
> either nginx would state that a clear path to the directory 
> responsible for receiving file uploads be permitted?  Or maybe 
> the maintainers receiving this as a criteria for installation?  
> I find this quite odd.  
> 
> Running around patching up path permissions to installed 
> directories, specific to nginx, is truly strange.  

Permissions on FreeBSD are perfectly fine.

Permissions on macOS are broken due to incorrect permissions on 
/usr/local/var, and it's clearly not nginx business to do anything 
with permissions on the system-wide directory.

If you think packaging system you've used to install things into 
/usr/local/ could be better at maintaining correct permissions on 
various folders under /usr/local/ - you may want to contact 
authors of the packaging system.

[...]

-- 
Maxim Dounin
http://mdounin.ru/


More information about the nginx mailing list