==================================================================
Please DO NOT REPLY to this mail or send email to the developers
about this bug. Please follow-up to Bugzilla using this link:
http://bugs.contribs.org/show_bug.cgi?id=9073
Have you checked the Frequently Asked Questions (FAQ)?
http://wiki.contribs.org/SME_Server:Documentation:FAQ
Please also take the time to read the following useful guide:
http://www.chiark.greenend.org.uk/~sgtatham/bugs.html
==================================================================
--- Comment #6 from Mats Schuh <[email protected]> ---
Basically you are right (we could), but I am curious if we really should (and
eager to learn) :-)
In the current (patched) code, if the vacation message cannot be written for
whatever reason, the script will (rightfully) die before the database change
(ie. enabling vacation for the user) happens.
If we were to reverse the logical sequence of these two steps, the
EmailVacation property for a user would still be set to 'yes' even if the
.vacation.msg creation then failed afterwards (and this does not sound
right...).
Besides, there are some system calls further down the code...
So, what would be the penalty (or security implication) for switching to
another effective UID _and_ back _only_ for the creation of the .vacation.msg
file, like in the current patch?
--
You are receiving this mail because:
You are the QA Contact for the bug._______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at http://lists.contribs.org/mailman/public/contribteam/
