[imp] wrong person's inbox?

Jan Schneider jan at horde.org
Thu Oct 17 16:18:12 PDT 2002


Zitat von Liam Hoekenga <liamr at umich.edu>:

> > > We had a user report that he signed in read his email, signed
> > > out, then signed back in again and was presented w/someone else's
> > > mailbox.
> >
> > It has come up before but none of the reporters was actually able to
> > reproduce it. It always have been end user reports.
> > You use session.entropy correctly, don't you?
> 
> I *think* I've entropy set up correctly.  Here are the settings from our
> php.ini
> file:
> 
>     session.entropy_length = 16
>     session.entropy_file = /dev/urandom
> 
> Are these values right?  Do I need additional settings?

No, looks good.

Jan.

--
http://www.horde.org - The Horde Project
http://www.ammma.de - discover your knowledge
http://www.tip4all.de - Deine private Tippgemeinschaft


More information about the imp mailing list