Package: horde2
Version: 2.2.8-1sarge1
Severity: important
Tags: patch
Hi!
I found out that if php session.auto_start option is enabled horde2
immediately expires user sessions, and so doesn't permit anyone to log
in. This seems to be undocumented anywhere, but seems to be the case in
my experiments.
My suggestion to solve the issue is to:
1. Document the issue at least in README.Debian
2. Fix /etc/{apache/apache2}/conf.d/horde2.conf by adding by default
php_flag session.auto_start Off
I know this option is not enabled in debian by default, but if an admin
has enabled it, it can be a nightmare to find out what's wrong with his
webmail...
Thanks,
Guido
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
