Security Question

Andreas Ebinger ebinger@uni-hohenheim.de
Tue, 24 Oct 2000 09:12:20 +0200 (CEST)


Hi,

While reading through this, I have another question:

>> I took this at face value previously but after user complaints I've found
>> that this doesn't seem to work very well.  First of all, even going
>> through phplibs documentation did not help me understand the difference
>> between "session cookies" and the cookie you get if you set lifetime>0 in
>> local.inc.  Is it just that the lifetime=0 cookie is never written to disk
>> or is there another difference as well?

>lifetime=0 means the cookie is not written to disk, and lasts as long as the
>browser instance.

(My configuration: horde-imp 2.2.3, apache-1.3.12, mysql-3.22.32, php-4.0.3.p1,
lifetime=0)

If I log in with cookies, then save the URL (bookmark), close Netscape, start
Netscape again, turn the cookies off and go to the bookmark,
then I am logged in on my account.
(If I leave cookies on, I will be asked for the password / I have to log in again.)
And I think if you turn off cookies all the time, I will get the same results.
When will the session be cancelled if you turn cookies off?
If I want to keep the lifetime=0, can I do anything against that?
And if I change lifetime to a different value, do I have to turn cookies on?


Andreas

Andreas Ebinger
Rechenzentrum Uni Hohenheim
ebinger@uni-hohenheim.de
Telefon: 0711/459-3948