In my PHP class i upload files and then scan them with antivirus. Uploaded files are stored in /tmp with names like /tmp/phpRANDOM (allas usually)
But when i pass this path to clamav server it returns "Access denied". For other files (not in /tmp) all works fine. The reason is that /tmp/php... files have permissions rw------ (read/write only by owner). but clamav works as different user from apache/php .
So, the question. How PHP decides which permissions to use for upload temp files? How i can configure this? maybe this is some umask configured on a user level? If i want to have rw--r--r-- permissions for files in /tmp folder , are there any reasons not doing this (security)?
I have found the solution. I just change permissions to files before posting them to clamav
It is like
$perm = fileperms($filepath) | 0644;
chmod($filepath, $perm);
And it works fine