Description of issue or problem I’m having:
Our nightly system check discovered world-writable files in $files_dir/journals, namely:
Steps I took leading up to the issue:
None we are aware of.
What I tried to resolve the issue:
I checked the
umask setting in
config.inc.php, but it is “0022”.
OJS: v3.3.0-10 running on a Debian v11.3 (“bullseye”) LAMP system, using
- Linux v5.10.0-9
- Apache v2.4.53
- PHP (fpm-fcgi) v7.4.28
- MariaDB v15.1
Additional information, such as screenshots and error log messages if applicable:
- There are other submissions, which have been created earlier than the offending ones, and the permissions of these are correct (i.e., user and group “ojs” and mode 0644).
- The issue appears to be similar to https://forum.pkp.sfu.ca/t/ojs-v3-3-0-8-creates-world-writable-log-files-in-files-dir-scheduledtasklogs/71980.
Thanks for looking into this!