[mod-security-users] @inspectFile script does not write to files
From: Thorsten K. <tho...@th...> - 2018-10-02 18:07:31
Hi,

I have a script that inspects files for viruses (like in "Inspecting Files" from https://www.feistyduck.com/library/modsecurity%2dhandbook%2dfree/online/ch04-logging.html). This script works fine - although any file that I want to write to or create from this script is neither created nor modified. See this simple example script:

###
#! /usr/bin/env bash
touch /tmp/MODSECURITY-WAS-HERE.txt
printf '0 THREAD DETECTED\n'
###

This script denies all uploads via Apache, but no file "MODSECURITY-WAS-HERE.txt" is created. These are the relevant lines from modsecurity.conf:

### (line break in line 2)
SecRuleEngine On
SecTmpSaveUploadedFiles On
SecRule FILES_TMPNAMES "@inspectFile /opt/sophos-av/runav.sh" "id:'1',log,auditlog,deny,severity:2,phase:2,t:none"
###

This is mod-security 2.9.2 on Ubuntu 18.04.

Thorsten