[horde] Security related.
asa at isac.gov.in
Wed May 23 10:26:43 UTC 2007
Quoting Chuck Hagenbuch <chuck at horde.org>:
> Quoting Anant Athavale <asa at isac.gov.in>:
>>> Nope. He's just using VB like a browser. He can't do anything you
>>> can't do from a browser.
>> but, how does the session is maintained?
> Either by passing the cookie or by putting the session id in the URL.
> You can disable URL-based sessions if it's the latter and you don't
> mind requiring your users to enable cookies.
We have the following settings in conf.php for Horde.
$conf['session']['name'] = 'Horde';
$conf['session']['use_only_cookies'] = true;
$conf['session']['cache_limiter'] = 'nocache';
$conf['session']['timeout'] = 0;
$conf['sessionhandler']['type'] = 'none';
>> It was in my sent mail. I do not know, how it missed in the list.
>> Attaching again.
> The list allows a very limited set of attachment types to prevent spam.
I attached the files again after changing the extension of the file.
It was sent to the list successfully. Can I prevent him from sending
mails by changing any of the parameters listed above? I feel the
able to send mails.
> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
More information about the horde