[Petter Reinholdtsen] > There is a slbackup-php bug (BTS report submitted, no # yet) that is > of the few fatal problems with our Debian Edu/Squeeze version soon > to be finished. Anyone with PHP skills around capable of providing > a patch to fix the problem?
The bug number is #655832. Please, if you know PHP, have a look and fix a patch. The next stable update is next weekend, and we really should have a fix in place before this. When I had a look at the cookies set by slbackup-php, I was surprised to find two cookies with paths in them, one pointing to the script and another to a template. Is this a security issue, where the user can fool the script to show files the user should not have access to? -- Happy hacking Petter Reinholdtsen -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
