[imp] Access to other users mailboxes
Charlie Reitsma
reitsmac at denison.edu
Tue Apr 1 14:34:46 PST 2003
Great! It's not just us. Same versions as you. A few students report seeing
other students inboxes and being able to read messages. php.ini entropy settings
are 16 and /dev/urandom on RedHat 7.3. gc_maxlifetime is three hours. Have not
been able to reproduce problem myself. Two students with their own Macintosh
systems have been able to reproduce it fairly consistently. Anything I should
look for in the prefs and/or session_data?
Quoting Myke Place <mp at xmission.com>:
> We've got a serious problem that I could really use some help with.
> Apparently, some users are logging into our IMP installation and getting
> the mailboxes of other users.
>
> I see in the logs that IMP is contacting the IMAP server and logging in,
> but on the Inbox screen, another users mail is displayed. We are using
> phpa with the follwing versions:
>
> Horde: 2.2.1
> IMP: 3.2.1
> PHP Version: 4.2.3
>
> Does anybody have a clue what might be going on? It doesn't happen with
> every user, only occasionally. This is very disturbing.
>
> -mp
>
> --
> I think computer viruses should count as life. I think it says something
> about
> human nature that the only life we have created so far is purely destructive.
>
> We've created life in our own image. -Steven Hawking
>
> --
> IMP mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: imp-unsubscribe at lists.horde.org
>
Charlie Reitsma
Systems Engineer
More information about the imp
mailing list