Edit report at http://bugs.php.net/bug.php?id=54534&edit=1
ID: 54534 Updated by: ahar...@php.net Reported by: fredrik at dolda2000 dot com Summary: Sessions fail when running PHP as multiple users -Status: Open +Status: Wont fix Type: Bug Package: Session related Operating System: Debian PHP Version: trunk-SVN-2011-04-14 (snap) Block user comment: N Private report: N New Comment: You can already handle this corner case with a custom session handler. I don't think it's a common enough problem in practice to justify changing the long-standing behaviour of PHP's default session handler. Previous Comments: ------------------------------------------------------------------------ [2011-04-14 16:29:48] fredrik at dolda2000 dot com Description: ------------ I'm running a website on which PHP runs as multiple different users on the operating system, and I'm encountering problems when a visitor to the site goes from a part where PHP runs as one user to another part where PHP runs as another user. Since PHP saves all sessions in one directory, it will attempt to load the same session data as long as the visitor uses the same SID. When the session was created by one user, it cannot be loaded by another. That is of course, in itself, as it should. I would argue, however, that the session filenames should contain the UID of the user running PHP, so as to remove such conflicts. The resultant behavior is probably reasonable, as the different users running PHP will most likely not want to share session data with each other. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/bug.php?id=54534&edit=1
