I am currently using version 1.4.0
imap server is uw
webserver is apache 1.3.27
a few days ago I found in the /tmp directory and executable file named "b" ... which was owned by apache user
I couldn't tell what the file was doing so I deleted it and changed the permissions to 666 on the /tmp directory.. ie not executable..
when I did this I found that users couldn't login to squirrelmail
so it seems that squirrelmail requires apache to have execute permission on the /tmp and on squrrrelmail/data directories. but in my case at least it seems that apache can write to those files and execute whatever...
can anyone shed any light on this problem?
is there anyway to run squirrelmail without execute permission on the directories /tmp and squirrelmail/data?
or is there any way to keep apache from writing files to these directories and executing them?
thanks for any help
Scott Kopel
English Department - FSU
850 644 6177
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/
--
squirrelmail-users mailing list
Posting Guidelines: http://squirrelmail.org/wiki/wiki.php?MailingListPostingGuidelines
List Address: [EMAIL PROTECTED]
List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user
List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
