[imp] Session Collisions
Chuck Hagenbuch
chuck at horde.org
Thu Mar 6 13:18:54 PST 2003
Quoting Eric Rostetter <eric.rostetter at physics.utexas.edu>:
> There's been only minor work in this area in CVS HEAD, AFAIK. The work
> has been towards killing the sessions at logout/login...
I'd say it's fairly major changes, actually - every login you are forced to
a new session id now, so it's impossible to fix someone's session id. That
doesn't solve all issues, especially with URL-based sessions, but it helps,
and certainly prevents the situation the poster described.
This has mostly been shaken out in HEAD now; I'd be willing to start looking
at merging it to Horde RELENG_2 if folks are up for it/interested.
-chuck
--
Charles Hagenbuch, <chuck at horde.org>
I know there's fish out there, but where g-d only knows.
More information about the imp
mailing list