phpgroupware-developers
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [phpGroupWare-developers] Need your advice on php5 session files - [


From: Chris Weiss
Subject: Re: [phpGroupWare-developers] Need your advice on php5 session files - [Fwd: Bug#479905: phpgroupware-0.9.16-core-base: /var/lib/phpgroupware/sessions grows as files are never purged]
Date: Wed, 7 May 2008 07:11:42 -0500

On Wed, May 7, 2008 at 5:15 AM, Olivier Berger
<address@hidden> wrote:
> Hello.
>
>  I'm considering the right way to manage the PHP session files on
>  standard installations in Debian.
>
>  Maybe you can help, as I'm not really expert in PHP.
>
>  In Debian's default configuration, phpGroupware uses session files, and
>  the session.save_path is directed to a specific directory, separate from
>  the PHP5 default (/var/lib/phpgroupware/sessions instead of the
>  default /var/lib/php5/ in Debian).
>
>  I guess such a separate dir was a way to prevent collision with other
>  applicatons which may lead to security issues as phpGroupware sessions
>  may contain sensitive information.
>
>  Would this be a big risk to store them in the same place as other PHP
>  apps installed on the same server ?
>
>  Would you recommend any policy ?
>
>  You'll find bellow a bug-report about these files not being purged ATM
>  in Debian, btw ;)
>

it's always been my impression that php's garbage collection, not a
cron job, handles removing old session files.  maybe what we have a
bug in php itself...




reply via email to

[Prev in Thread] Current Thread [Next in Thread]