[Bug 619855] Re: session.gc_probablity=1 in /etc/php5/apache2/php.ini conflicts with permissions on /var/lib/php5
Adam Conrad
adconrad at 0c3.net
Thu Aug 19 19:10:51 BST 2010
What does having different paths per SAPI buy you? The reason we did it
this way in the first place (setting gc to 0, strict/sticky permissions,
and a cronjob) was so that users all running as the same user (say, all
www-data) couldn't sniff each other's session.
Both those Debian bugs were closed by documenting WHY it was set to 0,
not setting it back to 1. With our setup, it should be turned off,
plain and simple. Document it, sure, but don't turn it back on because
some people can't read. :P
--
session.gc_probablity=1 in /etc/php5/apache2/php.ini conflicts with permissions on /var/lib/php5
https://bugs.launchpad.net/bugs/619855
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list