[php-maint] Bug#409939: php4: Crontab job doesn't properly clean
sessions
Jérôme Decoodt
jdecoodt+debianbugs at uniways.fr
Tue Feb 6 15:37:11 CET 2007
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: patch
Hello,
Crontab job (/etc/cron.d/php4) only look for sessions to be cleanned in
/var/lib/php4. However, user can change this in php.ini files using the
session.save_path directive.
This patch looks for each ini file and search the session.save_path
directive. If it is not set, it uses the default /var/lib/php4. Then,
it cleans all files begining with "sess_" that are older than the max
lifetime in this path (warning, there could be security issues around
this...)
The patch should be called from the crontab.
Regards,
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.27
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Versions of packages php4 depends on:
ii libapache2-mod-php4 4:4.3.10-16 server-side, HTML-embedded scripti
ii php4-common 4:4.3.10-16 Common files for packages built fr
-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cleansessions
Type: application/x-shellscript
Size: 525 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20070206/47e551aa/cleansessions.bin
More information about the pkg-php-maint
mailing list