[imp] Users still getting into other users' mailboxes at login
lst_hoe at kwsoft.de
lst_hoe at kwsoft.de
Wed Jul 16 02:12:11 PDT 2003
Zitat von James Moore <jmoore at thebank.com>:
> We were having problems with users getting into other people's
> mailboxes at login, as has been reported elsewhere. We made all the
> following changes to our PHP setup, as was recommended in the
> discussions:
>
> php.ini:
> session.use_cookies 1
> session.use_trans_sid 0
> session.entropy_file /dev/urandom
> session.entropy_length 64
>
> Other session-related settings are as follows:
> /etc/php.ini:
> session.gc_maxlifetime = 1440
> session.gc_probability = 1
> session.save_handler = file
> session.save_path = /var/www/tmp
>
> horde.php:
> $conf['session_name'] = 'Horde';
> $conf['cache_limiter'] = 'nocache';
> $conf['session_timeout'] = 0;
>
> We are running the following packages and versions:
> Production Test
> Horde 2.2.1 2.2.3
> IMP 3.1 3.2.1
> Turba 1.1 1.2
>
> Our webserver uses Redhat 7.3, Apache 1.3.27, PHP v. 4.1.2
I have heard that there were numerous bugs in session-handling of PHP before 4.3
Maybe try the newer releases.
Regards
Andreas
More information about the imp
mailing list